https://cert-portal.siemens.com/productcert/pdf/ssa-145224.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-22-167-10
Severity: High
ID: 501062
Version: 1.5
Type: remote
Family: Tenable.ot
Published: 4/11/2023
Updated: 9/4/2024
Supported Sensors: Tenable OT Security
Risk Factor: Low
Score: 3.6
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.2
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2021-37182
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/o:siemens:scalance_xr528-6m_l3_firmware, cpe:/o:siemens:scalance_xr526-8c_l3_firmware:::~~~~24v~, cpe:/o:siemens:scalance_xr552-12m_2hr2_firmware, cpe:/o:siemens:scalance_xr524-8c_l3_firmware:::~~~~2x230v~, cpe:/o:siemens:scalance_xm408-8c_l3_firmware, cpe:/o:siemens:scalance_xr524-8c_firmware:::~~~~2x230v~, cpe:/o:siemens:scalance_xr526-8c_l3_firmware, cpe:/o:siemens:scalance_xr526-8c_l3_firmware:::~~~~2x230v~, cpe:/o:siemens:scalance_xr524-8c_l3_firmware:::~~~~1x230v~, cpe:/o:siemens:scalance_xr526-8c_firmware:::~~~~24v~, cpe:/o:siemens:scalance_xm408-4c_l3_firmware, cpe:/o:siemens:scalance_xm408-4c_firmware, cpe:/o:siemens:scalance_xr524-8c_l3_firmware, cpe:/o:siemens:scalance_xr526-8c_l3_firmware:::~~~~1x230v~, cpe:/o:siemens:scalance_xr526-8c_firmware, cpe:/o:siemens:scalance_xr524-8c_firmware:::~~~~24v~, cpe:/o:siemens:scalance_xr524-8c_l3_firmware:::~~~~24v~, cpe:/o:siemens:scalance_xm416-4c_l3_firmware, cpe:/o:siemens:scalance_xr526-8c_firmware:::~~~~2x230v~, cpe:/o:siemens:scalance_xr552-12m_2hr2_l3_firmware, cpe:/o:siemens:scalance_xr528-6m_2hr2_l3_firmware, cpe:/o:siemens:scalance_xr528-6m_firmware, cpe:/o:siemens:scalance_xm416-4c_firmware, cpe:/o:siemens:scalance_xr524-8c_firmware, cpe:/o:siemens:scalance_xr524-8c_firmware:::~~~~1x230v~, cpe:/o:siemens:scalance_xr526-8c_firmware:::~~~~1x230v~, cpe:/o:siemens:scalance_xr528-6m_2hr2_firmware, cpe:/o:siemens:scalance_xm408-8c_firmware, cpe:/o:siemens:scalance_xr552-12m_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 6/14/2022
Vulnerability Publication Date: 6/14/2022
CVE: CVE-2021-37182
CWE: 354
ICSA: 22-167-10