CVE-2022-25752
First published: Tue Apr 12 2022(Updated: )
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Scalance X302-7EEC Firmware | <4.1.4 | |
| Siemens SCALANCE X302-7 EEC | ||
| Siemens Scalance X304-2FE | <4.1.4 | |
| Siemens SCALANCE X304-2FE (6GK5304-2BD00-2AA3) | ||
| Siemens Scalance X306-1LDFe | <4.1.4 | |
| Siemens Scalance X306-1LDFE Firmware | ||
| Siemens Scalance X307-2EEC | <4.1.4 | |
| Siemens SCALANCE X307-2EEC Firmware | ||
| Siemens Scalance X307-3 | <4.1.4 | |
| Siemens SCALANCE X307-3 | ||
| Siemens Scalance X307-3LD Firmware | <4.1.4 | |
| Siemens SCALANCE X307-3LD | ||
| Siemens SIPLUS NET SCALANCE X308-2 firmware | <4.1.4 | |
| Siemens Scalance X308-2M PoE | ||
| Siemens Scalance X308-2LD | <4.1.4 | |
| Siemens Scalance X308-2LD | ||
| Siemens Scalance X308-2LH | <4.1.4 | |
| Siemens Scalance X308-2LH | ||
| Siemens Scalance X308-2LH+ Firmware | <4.1.4 | |
| Siemens Scalance X308-2LH+ | ||
| Siemens Scalance X308-2M | <4.1.4 | |
| Siemens Scalance X308-2M Firmware | ||
| Siemens Scalance X308-2M PoE | ||
| Siemens SCALANCE X308-2M PoE Firmware | ||
| Siemens Scalance X308-2M PoE | <4.1.4 | |
| Siemens SCALANCE X308-2M TS (6GK5308-2GG00-2CA2) | ||
| Siemens Scalance X310 | <4.1.4 | |
| Siemens Scalance X310 | ||
| Siemens Scalance X310FE | <4.1.4 | |
| Siemens Scalance X310FE | ||
| Siemens Scalance X320-1FE | <4.1.4 | |
| Siemens SCALANCE X320-1 FE | ||
| Siemens SCALANCE X320-1-2LDFe | <4.1.4 | |
| Siemens SCALANCE X320-1-2LD FE | ||
| Siemens SCALANCE X408-2 | <4.1.4 | |
| Siemens SCALANCE X408-2 | ||
| Siemens Scalance XR324-4M EEC Firmware | <4.1.4 | |
| Siemens Scalance XR324-4M EEC Firmware | ||
| Siemens SCALANCE XR324-4M PoE | <4.1.4 | |
| Siemens Scalance XR324-4M PoE Firmware | ||
| Siemens Scalance XR324-4M PoE TS | <4.1.4 | |
| Siemens Scalance XR324-4M PoE TS | ||
| Siemens Scalance XR324-12M | <4.1.4 | |
| Siemens Scalance XR324-12M Firmware | ||
| Siemens Scalance XR324-12M TS | <4.1.4 | |
| Siemens Scalance XR324-12M | ||
| Siemens SIPLUS NET SCALANCE X308-2 | <4.1.4 | |
| Siemens SIPLUS NET SCALANCE X308-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-25752?
The severity rating of CVE-2022-25752 is critical with a value of 9.8.
What is the affected software for CVE-2022-25752?
The affected software for CVE-2022-25752 is Siemens Scalance X302-7 EEC firmware version up to 4.1.4.
How can I fix CVE-2022-25752?
To fix CVE-2022-25752, update Siemens Scalance X302-7 EEC firmware to a version above 4.1.4.
What is the Common Weakness Enumeration (CWE) ID for CVE-2022-25752?
The Common Weakness Enumeration (CWE) ID for CVE-2022-25752 is CWE-330.
Where can I find more information about CVE-2022-25752?
You can find more information about CVE-2022-25752 in the Siemens ProductCERT advisory at https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf
- agent/type
- agent/author
- agent/remedy
- agent/severity
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens scalance x302-7eec firmware
- canonical/siemens scalance x302-7 eec
- canonical/siemens scalance x304-2fe
- canonical/siemens scalance x304-2fe (6gk5304-2bd00-2aa3)
- canonical/siemens scalance x306-1ldfe
- canonical/siemens scalance x306-1ldfe firmware
- canonical/siemens scalance x307-2eec
- canonical/siemens scalance x307-2eec firmware
- canonical/siemens scalance x307-3
- canonical/siemens scalance x307-3ld firmware
- canonical/siemens scalance x307-3ld
- canonical/siemens siplus net scalance x308-2 firmware
- canonical/siemens scalance x308-2m poe
- canonical/siemens scalance x308-2ld
- canonical/siemens scalance x308-2lh
- canonical/siemens scalance x308-2lh+ firmware
- canonical/siemens scalance x308-2lh+
- canonical/siemens scalance x308-2m
- canonical/siemens scalance x308-2m firmware
- canonical/siemens scalance x308-2m poe firmware
- canonical/siemens scalance x308-2m ts (6gk5308-2gg00-2ca2)
- canonical/siemens scalance x310
- canonical/siemens scalance x310fe
- canonical/siemens scalance x320-1fe
- canonical/siemens scalance x320-1 fe
- canonical/siemens scalance x320-1-2ldfe
- canonical/siemens scalance x320-1-2ld fe
- canonical/siemens scalance x408-2
- canonical/siemens scalance xr324-4m eec firmware
- canonical/siemens scalance xr324-4m poe
- canonical/siemens scalance xr324-4m poe firmware
- canonical/siemens scalance xr324-4m poe ts
- canonical/siemens scalance xr324-12m
- canonical/siemens scalance xr324-12m firmware
- canonical/siemens scalance xr324-12m ts
- canonical/siemens siplus net scalance x308-2