Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.26 views

Siemens Desigo PXM Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-40177)

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

5.7CVSS5.9AI score0.0081EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.25 views

CVE-2022-40177

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

5.7AI score0.0081EPSS
Exploits0References1
CVE
CVE
added 2022/10/11 12:0 a.m.161 views

CVE-2022-40177

CVE-2022-40177 affects Siemens Desigo PXM devices (PXM30-1/30.E/40-1/40.E/50-1/50.E; PXG3.W100-1/2; PXG3.W200-1/2) where the Operation web application Axon interface can read device files with root privileges. The root cause is improper file-system access control via Axon queries, enabling a remo...

5.7CVSS5.4AI score0.0081EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2022/10/11 12:0 a.m.55 views

Siemens Desigo PXM Devices

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Desigo PXM Devices Vulnerabilities: OS Command Injection, Exposure of Sensitive Information to an Unauthorized Actor, Cross-Site Scripting, Cross-Site Request Forgery, Improper...

8.8CVSS8.9AI score0.01146EPSS
Exploits0References11
Rows per page
Query Builder