HIGH🇬🇧 English

CVE-2022-29878

CVSS 7.5v3.1pub. 2022-05-20upd. 2025-12-09

A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Siemens 7kg8500 0aa00 0aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8500 0aa00 0aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8500 0aa00 2aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8500 0aa00 2aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8500 0aa10 0aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8500 0aa10 0aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8500 0aa10 2aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8500 0aa10 2aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8500 0aa30 0aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8500 0aa30 0aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8500 0aa30 2aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8500 0aa30 2aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa01 0aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa01 0aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa01 2aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa01 2aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa02 0aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa02 0aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa02 2aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa02 2aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa11 0aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa11 0aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa11 2aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa11 2aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa12 0aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa12 0aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa12 2aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa12 2aa0 Firmware

    OS
    Siemens
    < 3.00
  • Siemens 7kg8501 0aa31 0aa0

    HW
    Siemens
    wszystkie wersje
  • Siemens 7kg8501 0aa31 0aa0 Firmware

    OS
    Siemens
    < 3.00
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2022-41665CRITICAL9.8ten sam produkt

A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG...

CVE-2022-29873CRITICAL9.3ten sam produkt

A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validat...

CVE-2022-40226HIGH7.5ten sam produkt

A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG...

CVE-2022-29874HIGH8.8ten sam produkt

A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not encrypt web traf...

CVE-2022-29876HIGH7.1ten sam produkt

A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly handle ...