Siemens SCALANCE W778-1 M12 EEC Firmware

CPE Details

Siemens SCALANCE W778-1 M12 EEC Firmware
siemens
scalance_w778-1_m12_eec_firmware
-
2022-12-19
12h38 +00:00
2022-12-22
16h43 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:siemens:scalance_w778-1_m12_eec_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

siemens

Product

scalance_w778-1_m12_eec_firmware

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-46140 2022-12-13 00h00 +00:00 Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
7.1
High
CVE-2022-46142 2022-12-13 00h00 +00:00 Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
5.2
Medium
CVE-2022-46143 2022-12-12 23h00 +00:00 Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
5.1
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.