https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-22-104-09
Severity: Critical
ID: 500781
Version: 1.7
Type: remote
Family: Tenable.ot
Published: 1/25/2023
Updated: 9/4/2024
Supported Sensors: Tenable OT Security
Risk Factor: Medium
Score: 6.7
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2022-25752
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/o:siemens:scalance_xr324-4m_eec_firmware, cpe:/o:siemens:scalance_x310fe_firmware, cpe:/o:siemens:scalance_x302-7eec_firmware, cpe:/o:siemens:scalance_x308-2m_ts_firmware, cpe:/o:siemens:siplus_net_scalance_x308-2_firmware, cpe:/o:siemens:scalance_xr324-4m_poe_ts_firmware, cpe:/o:siemens:scalance_x320-1fe_firmware, cpe:/o:siemens:scalance_x308-2lh%2b_firmware, cpe:/o:siemens:scalance_x308-2m_firmware, cpe:/o:siemens:scalance_xr324-12m_firmware, cpe:/o:siemens:scalance_xr324-4m_poe_firmware, cpe:/o:siemens:scalance_x307-3_firmware, cpe:/o:siemens:scalance_x307-3ld_firmware, cpe:/o:siemens:scalance_xr324-12m_ts_firmware, cpe:/o:siemens:scalance_x307-2eec_firmware, cpe:/o:siemens:scalance_x308-2_firmware, cpe:/o:siemens:scalance_x310_firmware, cpe:/o:siemens:scalance_x308-2ld_firmware, cpe:/o:siemens:scalance_x306-1ldfe_firmware, cpe:/o:siemens:scalance_x308-2lh_firmware, cpe:/o:siemens:scalance_x320-1-2ldfe_firmware, cpe:/o:siemens:scalance_x304-2fe_firmware, cpe:/o:siemens:scalance_x408-2_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 4/12/2022
Vulnerability Publication Date: 4/12/2022
CVE: CVE-2022-25752
CWE: 330
ICSA: 22-104-09