Remote Code Execution Vulnerability in SCALANCE X Series by Siemens
CVE-2022-25751
7.5HIGH
Key Information:
- Vendor
Siemens
- Status
- Vendor
- CVE Published:
- 12 April 2022
What is CVE-2022-25751?
A vulnerability exists in several SCALANCE X series devices that fail to adequately validate HTTP headers in incoming requests. This flaw could potentially enable unauthenticated remote attackers to trigger device crashes, resulting in service interruption and potential compromise of device availability.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
SCALANCE X302-7 EEC (230V, coated) All versions < V4.1.4
SCALANCE X302-7 EEC (230V) All versions < V4.1.4
SCALANCE X302-7 EEC (24V, coated) All versions < V4.1.4
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved