Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2022-36323.NASL
HistoryJan 25, 2023 - 12:00 a.m.

Siemens SCALANCE Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2022-36323)

2023-01-2500:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
29

9.2 High

AI Score

Confidence

High

JSON

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500742);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/11");

  script_cve_id("CVE-2022-36323");

  script_name(english:"Siemens SCALANCE Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2022-36323)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Affected devices do not properly sanitize an input field. This could
allow an authenticated remote attacker with administrative privileges
to inject code or spawn a system root shell.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-22-223-07");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Siemens has provided software patches for the following vulnerable products:

- For product versions prior to V7.1.2 update to V7.1.2 or later
- For product versions prior to V2.3.1 update to V2.3.1 or later

Siemens has identified the following specific workarounds and mitigations to reduce the risk:

- Apply the principle of least privileges for accounts configured on the affected devices
- Restrict network access in affected systems to ports 80/TCP and 443/TCP to trusted IP addresses and personal only.

As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate
mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends users configure the
environment according to the Siemens operational guidelines for industrial security and follow the recommendations in
the product manuals.

For additional information, please refer to Siemens Security Advisory SSA-710008.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-36323");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(74);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/08/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/08/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/01/25");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rm1224_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m804pb_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m812-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m816-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m826-2_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m874-2_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m874-3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m876-3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m876-4_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_mum853-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_mum856-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_s615_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc622-2c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc626-2c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc632-2c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc636-2c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc642-2c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc646-2c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w721-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w722-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w734-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w738-1_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w748-1_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w748-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w761-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w774-1_m12_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w774-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w774-1_m12_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w778-1_m12_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w778-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w786-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w786-2_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w786-2_sfp_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w786-2ia_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w788-1_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w788-1_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w788-2_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w788-2_m12_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w788-2_rj45_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w1748-1_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w1788-1_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w1788-2_eec_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w1788-2_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_w1788-2ia_m12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_wam763-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_wam766-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_wam766-1_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_wum763-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_wum766-1_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb205-3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb205-3ld_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb208_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb213-3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb213-3ld_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb216_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2g_poe_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2g_poe_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_g_%28e%2fip%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_g_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_g_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_%28e%2fip%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_poe_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216-4c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216-4c_g_%28e%2fip%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216-4c_g_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216-4c_g_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224-4c_g_%28e%2fip%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224-4c_g_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224-4c_g_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_dna_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204-2ba_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204-2ba_dna_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xm408-4c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xm408-4c_l3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xm408-8c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xm408-8c_l3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xm416-4c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xm416-4c_l3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208_%28eip%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208poe_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216_%28eip%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216poe_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr324-12m_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr324-12m_ts_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr324-4m_eec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr324-4m_poe_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr324-4m_poe_ts_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr324wg_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr326-2c_poe_wg_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr328-4c_wg_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr524-8c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr524-8c_l3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:siemens:scalance_xr526-8c_l3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr526-8c_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr528-6m_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr528-6m_l3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr528_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr552-12_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr552-12m_l3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr552-12m_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr552_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc206-2_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc206-2sfp_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc208_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc216-4c_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:ruggedcom_rm1224_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "RuggedCom", "orderNumbers" : ["6GK6108-4AM00-2BA2", "6GK6108-4AM00-2DA2"]},
    "cpe:/o:siemens:scalance_m804pb_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5804-0AP00-2AA2"]},
    "cpe:/o:siemens:scalance_m812-1_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5812-1AA00-2AA2", "6GK5812-1BA00-2AA2"]},
    "cpe:/o:siemens:scalance_m816-1_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5816-1AA00-2AA2", "6GK5816-1BA00-2AA2"]},
    "cpe:/o:siemens:scalance_m826-2_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5826-2AB00-2AB2"]},
    "cpe:/o:siemens:scalance_m874-2_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5874-2AA00-2AA2"]},
    "cpe:/o:siemens:scalance_m874-3_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5874-3AA00-2AA2"]},
    "cpe:/o:siemens:scalance_m876-3_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5876-3AA02-2BA2", "6GK5876-3AA02-2EA2"]},
    "cpe:/o:siemens:scalance_m876-4_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5876-4AA00-2BA2", "6GK5876-4AA00-2DA2"]},
    "cpe:/o:siemens:scalance_mum853-1_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5853-2EA00-2DA1"]},
    "cpe:/o:siemens:scalance_mum856-1_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCEM", "orderNumbers" : ["6GK5856-2EA00-3DA1", "6GK5856-2EA00-3AA1"]},
    "cpe:/o:siemens:scalance_s615_firmware" :
        {"versionEndExcluding" : "7.1.2", "family" : "SCALANCES", "orderNumbers" : ["6GK5615-0AA00-2AA2"]},
    "cpe:/o:siemens:scalance_sc622-2c_firmware" :
        {"versionEndExcluding" : "2.3.1", "family" : "SCALANCES", "orderNumbers" : ["6GK5622-2GS00-2AC2"]},
    "cpe:/o:siemens:scalance_sc626-2c_firmware" :
        {"versionEndExcluding" : "2.3.1", "family" : "SCALANCES", "orderNumbers" : ["6GK5626-2GS00-2AC2"]},
    "cpe:/o:siemens:scalance_sc632-2c_firmware" :
        {"versionEndExcluding" : "2.3.1", "family" : "SCALANCES", "orderNumbers" : ["6GK5632-2GS00-2AC2"]},
    "cpe:/o:siemens:scalance_sc636-2c_firmware" :
        {"versionEndExcluding" : "2.3.1", "family" : "SCALANCES", "orderNumbers" : ["6GK5636-2GS00-2AC2"]},
    "cpe:/o:siemens:scalance_sc642-2c_firmware" :
        {"versionEndExcluding" : "2.3.1", "family" : "SCALANCES", "orderNumbers" : ["6GK5642-2GS00-2AC2"]},
    "cpe:/o:siemens:scalance_sc646-2c_firmware" :
        {"versionEndExcluding" : "2.3.1", "family" : "SCALANCES", "orderNumbers" : ["6GK5646-2GS00-2AC2"]},
    "cpe:/o:siemens:scalance_w721-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5721-1FC00-0AA0", "6GK5721-1FC00-0AB0"]},
    "cpe:/o:siemens:scalance_w722-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5722-1FC00-0AA0", "6GK5722-1FC00-0AB0", "6GK5722-1FC00-0AC0"]},
    "cpe:/o:siemens:scalance_w734-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5734-1FX00-0AA0", "6GK5734-1FX00-0AA6", "6GK5734-1FX00-0AB0", "6GK5734-1FX00-0AB6"]},
    "cpe:/o:siemens:scalance_w738-1_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5738-1GY00-0AA0", "6GK5738-1GY00-0AB0"]},
    "cpe:/o:siemens:scalance_w748-1_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5748-1GD00-0AA0", "6GK5748-1GD00-0AB0"]},
    "cpe:/o:siemens:scalance_w748-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5748-1FC00-0AA0", "6GK5748-1FC00-0AB0"]},
    "cpe:/o:siemens:scalance_w761-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5761-1FC00-0AA0", "6GK5761-1FC00-0AB0"]},
    "cpe:/o:siemens:scalance_w774-1_m12_eec_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5774-1FY00-0TA0", "6GK5774-1FY00-0TB0"]},
    "cpe:/o:siemens:scalance_w774-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5774-1FX00-0AA0", "6GK5774-1FX00-0AA6", "6GK5774-1FX00-0AB0", "6GK5774-1FX00-0AC0", "6GK5774-1FX00-0AB6"]},
    "cpe:/o:siemens:scalance_w778-1_m12_eec_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5778-1GY00-0TA0", "6GK5778-1GY00-0TB0"]},
    "cpe:/o:siemens:scalance_w778-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5778-1GY00-0AA0", "6GK5778-1GY00-0AB0"]},
    "cpe:/o:siemens:scalance_w786-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5786-1FC00-0AA0", "6GK5786-1FC00-0AB0"]},
    "cpe:/o:siemens:scalance_w786-2_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5786-2FC00-0AA0", "6GK5786-2FC00-0AB0", "6GK5786-2FC00-0AC0"]},
    "cpe:/o:siemens:scalance_w786-2_sfp_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5786-2FE00-0AA0", "6GK5786-2FE00-0AB0"]},
    "cpe:/o:siemens:scalance_w786-2ia_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5786-2HC00-0AA0", "6GK5786-2HC00-0AB0"]},
    "cpe:/o:siemens:scalance_w788-1_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-1GD00-0AA0","6GK5788-1GD00-0AB0"]},
    "cpe:/o:siemens:scalance_w788-1_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-1FC00-0AA0", "6GK5788-1FC00-0AB0"]},
    "cpe:/o:siemens:scalance_w788-2_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-2GD00-0AA0", "6GK5788-2GD00-0AB0"]},
    "cpe:/o:siemens:scalance_w788-2_m12_eec_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-2GD00-0TA0", "6GK5788-2GD00-0TB0", "6GK5788-2GD00-0TC0"]},
    "cpe:/o:siemens:scalance_w788-2_rj45_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-2FC00-0AA0", "6GK5788-2FC00-0AB0", "6GK5788-2FC00-0AC0"]},
    "cpe:/o:siemens:scalance_w1748-1_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5748-1GY01-0AA0", "6GK5748-1GY01-0TA0"]},
    "cpe:/o:siemens:scalance_w1788-1_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-1GY01-0AA0"]},
    "cpe:/o:siemens:scalance_w1788-2_eec_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-2GY01-0TA0"]},
    "cpe:/o:siemens:scalance_w1788-2_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-2GY01-0AA0"]},
    "cpe:/o:siemens:scalance_w1788-2ia_m12_firmware" :
        {"family" : "SCALANCEW", "orderNumbers" : ["6GK5788-2HY01-0AA0"]},
    "cpe:/o:siemens:scalance_wam763-1_firmware" :
        {"versionEndExcluding" : "2.0", "family" : "SCALANCEW", "orderNumbers" : ["6GK5763-1AL00-7DA0"]},
    "cpe:/o:siemens:scalance_wam766-1_firmware" :
        {"versionEndExcluding" : "2.0", "family" : "SCALANCEW", "orderNumbers" : ["6GK5766-1GE00-7DA0", "6GK5766-1GE00-7DB0"]},
    "cpe:/o:siemens:scalance_wam766-1_eec_firmware" :
        {"versionEndExcluding" : "2.0", "family" : "SCALANCEW", "orderNumbers" : ["6GK5766-1GE00-7TA0", "6GK5766-1GE00-7TB0"]},
    "cpe:/o:siemens:scalance_wum763-1_firmware" :
        {"versionEndExcluding" : "2.0", "family" : "SCALANCEW", "orderNumbers" : ["6GK5763-1AL00-3AA0", "6GK5763-1AL00-3DA0"]},
    "cpe:/o:siemens:scalance_wum766-1_eec_firmware" :
        {"versionEndExcluding" : "2.0", "family" : "SCALANCEW", "orderNumbers" : ["6GK5766-1GE00-3DA0", "6GK5766-1GE00-3DB0"]},
    "cpe:/o:siemens:scalance_xb205-3_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5205-3BB00-2AB2", "6GK5205-3BB00-2TB2", "6GK5205-3BD00-2TB2", "6GK5205-3BD00-2AB2"]},
    "cpe:/o:siemens:scalance_xb205-3ld_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5205-3BF00-2TB2", "6GK5205-3BF00-2AB2"]},
    "cpe:/o:siemens:scalance_xb208_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0BA00-2TB2", "6GK5208-0BA00-2AB2"]},
    "cpe:/o:siemens:scalance_xb213-3_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5213-3BD00-2TB2", "6GK5213-3BD00-2AB2", "6GK5213-3BB00-2TB2", "6GK5213-3BB00-2AB2"]},
    "cpe:/o:siemens:scalance_xb213-3ld_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5213-3BF00-2TB2", "6GK5213-3BF00-2AB2"]},
    "cpe:/o:siemens:scalance_xb216_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-0BA00-2TB2", "6GK5216-0BA00-2AB2"]},
    "cpe:/o:siemens:scalance_xc206-2_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5206-2BD00-2AC2", "6GK5206-2BB00-2AC2"]},
    "cpe:/o:siemens:scalance_xc206-2g_poe_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5206-2RS00-2AC2", "6GK5206-2RS00-5AC2"]},
    "cpe:/o:siemens:scalance_xc206-2g_poe_eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5206-2RS00-5FC2"]},
    "cpe:/o:siemens:scalance_xc206-2sfp_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5206-2BS00-2AC2"]},
    "cpe:/o:siemens:scalance_xc206-2sfp_eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5206-2BS00-2FC2"]},
    "cpe:/o:siemens:scalance_xc206-2sfp_g_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5206-2GS00-2AC2"]},
    "cpe:/o:siemens:scalance_xc206-2sfp_g_%28e%2fip%29_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5206-2GS00-2TC2"]},
    "cpe:/o:siemens:scalance_xc206-2sfp_g_eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5206-2GS00-2FC2"]},
    "cpe:/o:siemens:scalance_xc208_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0BA00-2AC2"]},
    "cpe:/o:siemens:scalance_xc208eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0BA00-2FC2"]},
    "cpe:/o:siemens:scalance_xc208g_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0GA00-2AC2"]},
    "cpe:/o:siemens:scalance_xc208g_%28e%2fip%29_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0GA00-2TC2"]},
    "cpe:/o:siemens:scalance_xc208g_eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0GA00-2FC2"]},
    "cpe:/o:siemens:scalance_xc208g_poe_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0RA00-2AC2", "6GK5208-0RA00-5AC2"]},
    "cpe:/o:siemens:scalance_xc216_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-0BA00-2AC2"]},
    "cpe:/o:siemens:scalance_xc216-3g_poe_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-3RS00-2AC2", "6GK5216-3RS00-5AC2"]},
    "cpe:/o:siemens:scalance_xc216-4c_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-4BS00-2AC2"]},
    "cpe:/o:siemens:scalance_xc216-4c_g_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-4GS00-2AC2"]},
    "cpe:/o:siemens:scalance_xc216-4c_g_%28e%2fip%29_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-4GS00-2TC2"]},
    "cpe:/o:siemens:scalance_xc216-4c_g_eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-4GS00-2FC2"]},
    "cpe:/o:siemens:scalance_xc216eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-0BA00-2FC2"]},
    "cpe:/o:siemens:scalance_xc224_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5224-0BA00-2AC2"]},
    "cpe:/o:siemens:scalance_xc224-4c_g_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5224-4GS00-2AC2"]},
    "cpe:/o:siemens:scalance_xc224-4c_g_%28e%2fip%29_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5224-4GS00-2TC2"]},
    "cpe:/o:siemens:scalance_xc224-4c_g_eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5224-4GS00-2FC2"]},
    "cpe:/o:siemens:scalance_xf204_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5204-0BA00-2GF2"]},
    "cpe:/o:siemens:scalance_xf204_dna_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5204-0BA00-2YF2"]},
    "cpe:/o:siemens:scalance_xf204-2ba_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5204-2AA00-2GF2"]},
    "cpe:/o:siemens:scalance_xf204-2ba_dna_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5204-2AA00-2YF2"]},
    "cpe:/o:siemens:scalance_xm408-4c_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX400", "orderNumbers" : ["6GK5408-4GP00-2AM2"]},
    "cpe:/o:siemens:scalance_xm408-4c_l3_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX400", "orderNumbers" : ["6GK5408-4GQ00-2AM2"]},
    "cpe:/o:siemens:scalance_xm408-8c_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX400", "orderNumbers" : ["6GK5408-8GS00-2AM2"]},
    "cpe:/o:siemens:scalance_xm408-8c_l3_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX400", "orderNumbers" : ["6GK5408-8GR00-2AM2"]},
    "cpe:/o:siemens:scalance_xm416-4c_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX400", "orderNumbers" : ["6GK5416-4GS00-2AM2"]},
    "cpe:/o:siemens:scalance_xm416-4c_l3_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX400", "orderNumbers" : ["6GK5416-4GR00-2AM2"]},
    "cpe:/o:siemens:scalance_xp208_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0HA00-2AS6"]},
    "cpe:/o:siemens:scalance_xp208_%28eip%29_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0HA00-2TS6"]},
    "cpe:/o:siemens:scalance_xp208eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0HA00-2ES6"]},
    "cpe:/o:siemens:scalance_xp208poe_eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5208-0UA00-5ES6"]},
    "cpe:/o:siemens:scalance_xp216_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-0HA00-2AS6"]},
    "cpe:/o:siemens:scalance_xp216_%28eip%29_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-0HA00-2TS6"]},
    "cpe:/o:siemens:scalance_xp216eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-0HA00-2ES6"]},
    "cpe:/o:siemens:scalance_xp216poe_eec_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX200", "orderNumbers" : ["6GK5216-0UA00-5ES6"]},
    "cpe:/o:siemens:scalance_xr324wg_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX300", "orderNumbers" : ["6GK5324-0BA00-3AR3", "6GK5324-0BA00-2AR3"]},
    "cpe:/o:siemens:scalance_xr326-2c_poe_wg_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX300", "orderNumbers" : ["6GK5326-2QS00-3AR3", "6GK5326-2QS00-3RR3"]},
    "cpe:/o:siemens:scalance_xr328-4c_wg_firmware" :
        {"versionEndExcluding" : "4.4", "family" : "SCALANCEX300", "orderNumbers" : ["6GK5328-4FS00-3AR3", "6GK5328-4FS00-3RR3", "6GK5328-4FS00-2AR3", "6GK5328-4FS00-2RR3", "6GK5328-4SS00-3AR3", "6GK5328-4SS00-2AR3"]},
    "cpe:/o:siemens:scalance_xr524-8c_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX500", "orderNumbers" : ["6GK5524-8GS00-3AR2", "6GK5524-8GS00-4AR2",  "6GK5524-8GS00-2AR2"]},
    "cpe:/o:siemens:scalance_xr524-8c_l3_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX500", "orderNumbers" : ["6GK5524-8GR00-3AR2", "6GK5524-8GR00-4AR2", "6GK5524-8GR00-2AR2"]},
    "cpe:/o:siemens:scalance_xr526-8c_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX500", "orderNumbers" : ["6GK5526-8GS00-3AR2", "6GK5526-8GS00-4AR2", "6GK5526-8GS00-2AR2"]},
    "cpe:/h:siemens:scalance_xr526-8c_l3_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX500", "orderNumbers" : ["6GK5526-8GR00-3AR2", "6GK5526-8GR00-4AR2", "6GK5526-8GR00-2AR2"]},
    "cpe:/o:siemens:scalance_xr528-6m_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX500", "orderNumbers" : ["6GK5528-0AA00-2HR2", "6GK5528-0AA00-2AR2"]},
    "cpe:/o:siemens:scalance_xr528-6m_l3_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX500", "orderNumbers" : ["6GK5528-0AR00-2HR2", "6GK5528-0AR00-2AR2"]},
    "cpe:/o:siemens:scalance_xr552-12m_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX500", "orderNumbers" : ["6GK5552-0AA00-2HR2", "6GK5552-0AR00-2HR2", "6GK5552-0AA00-2AR2"]},
    "cpe:/o:siemens:scalance_xr552-12m_l3_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX500", "orderNumbers" : ["6GK5552-0AR00-2AR2"]},
    "cpe:/o:siemens:siplus_net_scalance_xc206-2_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX200", "orderNumbers" : ["6AG1206-2BB00-7AC2"]},
    "cpe:/o:siemens:siplus_net_scalance_xc206-2sfp_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX200", "orderNumbers" : ["6AG1206-2BS00-7AC2"]},
    "cpe:/o:siemens:siplus_net_scalance_xc208_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX200", "orderNumbers" : ["6AG1208-0BA00-7AC2"]},
    "cpe:/o:siemens:siplus_net_scalance_xc216-4c_firmware" :
        {"versionEndExcluding" : "6.6", "family" : "SCALANCEX200", "orderNumbers" : ["6AG1216-4BS00-7AC2"]},
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
VendorProductVersionCPE
siemensscalance_w761-1_rj45_firmwarecpe:/o:siemens:scalance_w761-1_rj45_firmware
siemensruggedcom_rm1224_firmwarecpe:/o:siemens:ruggedcom_rm1224_firmware
siemensscalance_m804pb_firmwarecpe:/o:siemens:scalance_m804pb_firmware
siemensscalance_m812-1_firmwarecpe:/o:siemens:scalance_m812-1_firmware
siemensscalance_m816-1_firmwarecpe:/o:siemens:scalance_m816-1_firmware
siemensscalance_m826-2_firmwarecpe:/o:siemens:scalance_m826-2_firmware
siemensscalance_m874-2_firmwarecpe:/o:siemens:scalance_m874-2_firmware
siemensscalance_m874-3_firmwarecpe:/o:siemens:scalance_m874-3_firmware
siemensscalance_m876-3_firmwarecpe:/o:siemens:scalance_m876-3_firmware
siemensscalance_m876-4_firmwarecpe:/o:siemens:scalance_m876-4_firmware
Rows per page:
1-10 of 1181

Related

prion 2
cvelist 2
cve 2
cnvd 1
nessus 1
ics 4
prion
prion
Input validation
2022-08-10 12:15:00
Input validation
2023-11-14 11:15:00
cvelist
cvelist
CVE-2022-36323
2022-08-10 11:18:33
CVE-2023-44373
2023-11-14 11:04:09
cve
cve
CVE-2022-36323
2022-08-10 12:15:00
CVE-2023-44373
2023-11-14 11:15:13
cnvd
cnvd
Siemens SCALANCE product command injection vulnerability
2022-08-09 00:00:00
nessus
nessus
Siemens SCALANCE Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-2023-44373)
2024-01-08 00:00:00
ics
ics
Siemens SCALANCE (Update A)
2023-01-13 12:00:00
Siemens SCALANCE SC-600 Family
2024-02-15 12:00:00
Siemens RUGGEDCOM and SCALANCE M-800/S615 Family
2023-12-14 12:00:00

9.2 High

AI Score

Confidence

High

JSON
Related for TENABLE_OT_SIEMENS_CVE-2022-36323.NASL
prion2cvelist2cve2cnvd1nessus1ics4