CVE-2023-44320

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator.
Forced Browsing
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
siemensCNA
4.3 MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
siemens6gk5205-3bb00-2ab2_firmware
𝑥
< 4.5
siemens6gk5205-3bb00-2tb2_firmware
𝑥
< 4.5
siemens6gk5205-3bd00-2tb2_firmware
𝑥
< 4.5
siemens6gk5205-3bd00-2ab2_firmware
𝑥
< 4.5
siemens6gk5205-3bf00-2tb2_firmware
𝑥
≤ 4.5
siemens6gk5205-3bf00-2ab2_firmware
𝑥
< 4.5
siemens6gk5208-0ba00-2tb2_firmware
𝑥
< 4.5
siemens6gk5208-0ba00-2ab2_firmware
𝑥
< 4.5
siemens6gk5213-3bd00-2tb2_firmware
𝑥
< 4.5
siemens6gk5213-3bd00-2ab2_firmware
𝑥
< 4.5
siemens6gk5213-3bb00-2tb2_firmware
𝑥
< 4.5
siemens6gk5213-3bb00-2ab2_firmware
𝑥
< 4.5
siemens6gk5213-3bf00-2tb2_firmware
𝑥
< 4.5
siemens6gk5213-3bf00-2ab2_firmware
𝑥
< 4.5
siemens6gk5216-0ba00-2tb2_firmware
𝑥
< 4.5
siemens6gk5216-0ba00-2ab2_firmware
𝑥
< 4.5
siemens6gk5206-2bd00-2ac2_firmware
𝑥
< 4.5
siemens6gk5206-2bb00-2ac2_firmware
𝑥
< 4.5
siemens6gk5206-2rs00-2ac2_firmware
𝑥
< 4.5
siemens6gk5206-2rs00-5ac2_firmware
𝑥
< 4.5
siemens6gk5206-2rs00-5fc2_firmware
𝑥
< 4.5
siemens6gk5206-2bs00-2ac2_firmware
𝑥
< 4.5
siemens6gk5206-2bs00-2fc2_firmware
𝑥
< 4.5
siemens6gk5206-2gs00-2ac2_firmware
𝑥
< 4.5
siemens6gk5206-2gs00-2tc2_firmware
𝑥
< 4.5
siemens6gk5206-2gs00-2fc2_firmware
𝑥
< 4.5
siemens6gk5208-0ba00-2ac2_firmware
𝑥
< 4.5
siemens6gk5208-0ba00-2fc2_firmware
𝑥
< 4.5
siemens6gk5208-0ga00-2ac2_firmware
𝑥
< 4.5
siemens6gk5208-0ga00-2tc2_firmware
𝑥
< 4.5
siemens6gk5208-0ga00-2fc2_firmware
𝑥
< 4.5
siemens6gk5208-0ra00-2ac2_firmware
𝑥
< 4.5
siemens6gk5208-0ra00-5ac2_firmware
𝑥
< 4.5
siemens6gk5216-0ba00-2ac2_firmware
𝑥
< 4.5
siemens6gk5216-3rs00-2ac2_firmware
𝑥
< 4.5
siemens6gk5216-3rs00-5ac2_firmware
𝑥
< 4.5
siemens6gk5216-4bs00-2ac2_firmware
𝑥
< 4.5
siemens6gk5216-4gs00-2ac2_firmware
𝑥
< 4.5
siemens6gk5216-4gs00-2tc2_firmware
𝑥
< 4.5
siemens6gk5216-4gs00-2fc2_firmware
𝑥
< 4.5
siemens6gk5216-0ba00-2fc2_firmware
𝑥
< 4.5
siemens6gk5224-0ba00-2ac2_firmware
𝑥
< 4.5
siemens6gk5224-4gs00-2ac2_firmware
𝑥
< 4.5
siemens6gk5224-4gs00-2tc2_firmware
𝑥
< 4.5
siemens6gk5224-4gs00-2fc2_firmware
𝑥
< 4.5
siemens6gk5204-0ba00-2gf2_firmware
𝑥
< 4.5
siemens6gk5204-0ba00-2yf2_firmware
𝑥
< 4.5
siemens6gk5204-2aa00-2gf2_firmware
𝑥
< 4.5
siemens6gk5204-2aa00-2yf2_firmware
𝑥
< 4.5
siemens6gk5208-0ha00-2as6_firmware
𝑥
< 4.5
siemens6gk5208-0ha00-2ts6_firmware
𝑥
< 4.5
siemens6gk5208-0ha00-2es6_firmware
𝑥
< 4.5
siemens6gk5208-0ua00-5es6_firmware
𝑥
< 4.5
siemens6gk5216-0ha00-2as6_firmware
𝑥
< 4.5
siemens6gk5216-0ha00-2ts6_firmware
𝑥
< 4.5
siemens6gk5216-0ha00-2es6_firmware
𝑥
< 4.5
siemens6gk5216-0ua00-5es6_firmware
𝑥
< 4.5
siemens6gk5324-0ba00-3ar3_firmware
𝑥
< 4.5
siemens6gk5324-0ba00-2ar3_firmware
𝑥
< 4.5
siemens6gk5326-2qs00-3ar3_firmware
𝑥
< 4.5
siemens6gk5326-2qs00-3rr3_firmware
𝑥
< 4.5
siemens6gk5328-4fs00-3ar3_firmware
𝑥
< 4.5
siemens6gk5328-4fs00-3rr3_firmware
𝑥
< 4.5
siemens6gk5328-4fs00-2ar3_firmware
𝑥
< 4.5
siemens6gk5328-4fs00-2rr3_firmware
𝑥
< 4.5
siemens6gk5328-4ss00-3ar3_firmware
𝑥
< 4.5
siemens6gk5328-4ss00-2ar3_firmware
𝑥
< 4.5
siemens6ag1206-2bb00-7ac2_firmware
𝑥
< 4.5
siemens6ag1206-2bs00-7ac2_firmware
𝑥
< 4.5
siemens6ag1208-0ba00-7ac2_firmware
𝑥
< 4.5
siemens6ag1216-4bs00-7ac2_firmware
𝑥
< 4.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/html/ssa-068047.html
https://cert-portal.siemens.com/productcert/html/ssa-180704.html
https://cert-portal.siemens.com/productcert/html/ssa-602936.html
https://cert-portal.siemens.com/productcert/html/ssa-699386.html
https://cert-portal.siemens.com/productcert/html/ssa-769027.html
https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf
https://cert-portal.siemens.com/productcert/html/ssa-180704.html
https://cert-portal.siemens.com/productcert/html/ssa-602936.html
https://cert-portal.siemens.com/productcert/html/ssa-699386.html
https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf