3 matches found
CVE-2022-33138
A vulnerability has been identified in SIMATIC MV540 H All versions V3.3, SIMATIC MV540 S All versions V3.3, SIMATIC MV550 H All versions V3.3, SIMATIC MV550 S All versions V3.3, SIMATIC MV560 U All versions V3.3, SIMATIC MV560 X All versions V3.3. Affected devices do not perform authentication f...
CVE-2022-33138
CVE-2022-33138 affects Siemens SIMATIC MV500 family (MV540 H/S, MV550 H/S, MV560 U/X): all versions before v3.3. The root cause is missing authentication for several web API endpoints, enabling an unauthenticated remote attacker to read and download data from the device. Siemens-Mitigation: updat...
Siemens SIMATIC MV500 Devices
1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC MV500 Devices Vulnerabilities: Insufficient Session Expiration, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these...