← Back

Scalance W1788 2 M12 Firmware

scalance_w1788-2_m12_firmware

Vendor: Siemens • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-46143
1Siemens
101Ruggedcom Rm1224 Lte(4g) Eu Firmware
Ruggedcom Rm1224 Lte(4g) Nam FirmwareScalance M804pb Firmware+98 more
Jan 14, 2025
Dec 13, 2022
5.1 MEDIUM· v4
2.7 LOW· v3
N/A· v2
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
CVE-2022-46142
1Siemens
101Ruggedcom Rm1224 Lte(4g) Eu Firmware
Ruggedcom Rm1224 Lte(4g) Nam FirmwareScalance M804pb Firmware+98 more
Jan 14, 2025
Dec 13, 2022
5.2 MEDIUM· v4
4.6 MEDIUM· v3
N/A· v2
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
CVE-2022-46140
1Siemens
101Ruggedcom Rm1224 Lte(4g) Eu Firmware
Ruggedcom Rm1224 Lte(4g) Nam FirmwareScalance M804pb Firmware+98 more
Jan 14, 2025
Dec 13, 2022
7.1 HIGH· v4
6.5 MEDIUM· v3
N/A· v2
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
CVE-2022-28329
1Siemens
4Scalance W1788 1 M12 Firmware
Scalance W1788 2 Eec M12 FirmwareScalance W1788 2 M12 Firmware+1 more
Nov 21, 2024
Apr 12, 2022
N/A· v4
6.5 MEDIUM· v3
3.3 LOW· v2
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions <...Show more
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed TCP packets received over the RemoteCapture feature. This could allow an attacker to lead to a denial of service condition which only affects the port used by the RemoteCapture feature.Show less
CVE-2022-28328
1Siemens
4Scalance W1788 1 M12 Firmware
Scalance W1788 2 Eec M12 FirmwareScalance W1788 2 M12 Firmware+1 more
Nov 21, 2024
Apr 12, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions <...Show more
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed Multicast LLC frames. This could allow an attacker to trigger a denial of service condition.Show less
CVE-2022-27481
1Siemens
4Scalance W1788 1 M12 Firmware
Scalance W1788 2 Eec M12 FirmwareScalance W1788 2 M12 Firmware+1 more
Nov 21, 2024
Apr 12, 2022
N/A· v4
5.3 MEDIUM· v3
5.7 MEDIUM· v2
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions <...Show more
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle resources of ARP requests. This could allow an attacker to cause a race condition that leads to a crash of the entire device.Show less