What is the severity of CVE-2022-29881?

CVE-2022-29881 has been assigned a high severity rating due to the potential for exploitation.

How do I fix CVE-2022-29881?

To mitigate CVE-2022-29881, update affected Siemens SICAM P850 devices to version 3.00 or higher.

Which products are affected by CVE-2022-29881?

CVE-2022-29881 affects all versions of Siemens SICAM P850 firmware below version 3.00.

What potential impact does CVE-2022-29881 have?

CVE-2022-29881 could allow an attacker to exploit vulnerabilities, leading to device compromise and disruption of services.

Is there a mitigation strategy for CVE-2022-29881?

Yes, the best mitigation strategy for CVE-2022-29881 is to promptly apply the firmware update to the affected devices.

Vulnerability/
CVE-2022-29881

medium

5.3

CWE

306

10/5/2022

3/8/2024

CVE-2022-29881

First published: Tue May 10 2022(Updated: )

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration details.

Credit: productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens 7kg8500-0aa00-0aa0 Firmware	<3.00
Siemens 7kg8500-0aa00-0aa0
Siemens 7kg8500-0aa00-2aa0 Firmware	<3.00
Siemens 7kg8500-0aa00-2aa0
Siemens 7kg8500-0aa10-0aa0 Firmware	<3.00
Siemens 7kg8500-0aa10-0aa0
Siemens 7kg8500-0aa10-2aa0 Firmware	<3.00
Siemens 7kg8500-0aa10-2aa0
Siemens 7kg8500-0aa30-0aa0 Firmware	<3.00
Siemens 7kg8500-0aa30-0aa0
Siemens 7kg8500-0aa30-2aa0 Firmware	<3.00
Siemens 7kg8500-0aa30-2aa0
Siemens 7kg8501-0aa01-0aa0 Firmware	<3.00
Siemens 7kg8501-0aa01-0aa0
Siemens 7kg8501-0aa01-2aa0 Firmware	<3.00
Siemens 7kg8501-0aa01-2aa0
Siemens 7kg8501-0aa02-0aa0 Firmware	<3.00
Siemens 7kg8501-0aa02-0aa0
Siemens 7kg8501-0aa02-2aa0 Firmware	<3.00
Siemens 7kg8501-0aa02-2aa0
Siemens 7kg8501-0aa11-0aa0 Firmware	<3.00
Siemens 7kg8501-0aa11-0aa0
Siemens 7kg8501-0aa11-2aa0 Firmware	<3.00
Siemens 7kg8501-0aa11-2aa0
Siemens 7kg8501-0aa12-0aa0 Firmware	<3.00
Siemens 7kg8501-0aa12-0aa0
Siemens 7kg8501-0aa12-2aa0 Firmware	<3.00
Siemens 7kg8501-0aa12-2aa0
Siemens 7kg8501-0aa31-0aa0 Firmware	<3.00
Siemens 7kg8501-0aa31-0aa0
Siemens 7kg8501-0aa31-2aa0 Firmware	<3.00
Siemens 7kg8501-0aa31-2aa0
Siemens 7kg8501-0aa32-0aa0 Firmware	<3.00
Siemens 7kg8501-0aa32-0aa0
Siemens 7kg8501-0aa32-2aa0 Firmware	<3.00
Siemens 7kg8501-0aa32-2aa0
Siemens 7kg8550-0aa00-0aa0 Firmware	<3.00
Siemens 7kg8550-0aa00-0aa0
Siemens 7kg8550-0aa00-2aa0 Firmware	<3.00
Siemens 7kg8550-0aa00-2aa0
Siemens 7kg8550-0aa10-0aa0 Firmware	<3.00
Siemens 7kg8550-0aa10-0aa0
Siemens 7kg8550-0aa10-2aa0 Firmware	<3.00
Siemens 7kg8550-0aa10-2aa0
Siemens 7kg8550-0aa30-0aa0 Firmware	<3.00
Siemens 7kg8550-0aa30-0aa0
Siemens 7kg8550-0aa30-2aa0 Firmware	<3.00
Siemens 7kg8550-0aa30-2aa0
Siemens 7kg8551-0aa01-0aa0 Firmware	<3.00
Siemens 7kg8551-0aa01-0aa0
Siemens 7kg8551-0aa01-2aa0 Firmware	<3.00
Siemens 7kg8551-0aa01-2aa0
Siemens 7kg8551-0aa02-0aa0 Firmware	<3.00
Siemens 7kg8551-0aa02-0aa0
Siemens 7kg8551-0aa02-2aa0 Firmware	<3.00
Siemens 7kg8551-0aa02-2aa0
Siemens 7kg8551-0aa11-0aa0 Firmware	<3.00
Siemens 7kg8551-0aa11-0aa0
Siemens 7kg8551-0aa11-2aa0 Firmware	<3.00
Siemens 7kg8551-0aa11-2aa0
Siemens 7kg8551-0aa12-0aa0 Firmware	<3.00
Siemens 7kg8551-0aa12-0aa0
Siemens 7kg8551-0aa12-2aa0 Firmware	<3.00
Siemens 7kg8551-0aa12-2aa0
Siemens 7kg8551-0aa31-0aa0 Firmware	<3.00
Siemens 7kg8551-0aa31-0aa0
Siemens 7kg8551-0aa31-2aa0 Firmware	<3.00
Siemens 7kg8551-0aa31-2aa0
Siemens 7kg8551-0aa32-0aa0 Firmware	<3.00
Siemens 7kg8551-0aa32-0aa0
Siemens 7kg8551-0aa32-2aa0 Firmware	<3.00
Siemens 7kg8551-0aa32-2aa0

Remedy

https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf

Frequently Asked Questions

What is the severity of CVE-2022-29881?
CVE-2022-29881 has been assigned a high severity rating due to the potential for exploitation.
How do I fix CVE-2022-29881?
To mitigate CVE-2022-29881, update affected Siemens SICAM P850 devices to version 3.00 or higher.
Which products are affected by CVE-2022-29881?
CVE-2022-29881 affects all versions of Siemens SICAM P850 firmware below version 3.00.
What potential impact does CVE-2022-29881 have?
CVE-2022-29881 could allow an attacker to exploit vulnerabilities, leading to device compromise and disruption of services.
Is there a mitigation strategy for CVE-2022-29881?
Yes, the best mitigation strategy for CVE-2022-29881 is to promptly apply the firmware update to the affected devices.

CVE-2022-29881

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-29881?

How do I fix CVE-2022-29881?

Which products are affected by CVE-2022-29881?

What potential impact does CVE-2022-29881 have?

Is there a mitigation strategy for CVE-2022-29881?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2022-29881?

How do I fix CVE-2022-29881?

Which products are affected by CVE-2022-29881?

What potential impact does CVE-2022-29881 have?

Is there a mitigation strategy for CVE-2022-29881?