CVE-2022-31465
First published: Tue Jun 14 2022(Updated: )
A vulnerability has been identified in Xpedition Designer VX.2.10 (All versions < VX.2.10 Update 13), Xpedition Designer VX.2.11 (All versions < VX.2.11 Update 11), Xpedition Designer VX.2.12 (All versions < VX.2.12 Update 5), Xpedition Designer VX.2.13 (All versions < VX.2.13 Update 1). The affected application assigns improper access rights to the service executable. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Xpedition Designer | <vx.2.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-31465.
What is the severity of CVE-2022-31465?
The severity of CVE-2022-31465 is high, with a score of 7.8.
Which software versions are affected by CVE-2022-31465?
Xpedition Designer versions < VX.2.10 Update 13, < VX.2.11 Update 11, < VX.2.12 Update 5, and < VX.2.13 Update 1 are affected by CVE-2022-31465.
How can I fix CVE-2022-31465?
To fix CVE-2022-31465, users should update their Xpedition Designer software to VX.2.10 Update 13, VX.2.11 Update 11, VX.2.12 Update 5, or VX.2.13 Update 1.
Where can I find more information about CVE-2022-31465?
More information about CVE-2022-31465 can be found at the following reference link: [Siemens Xpedition Designer Security Advisory](https://cert-portal.siemens.com/productcert/pdf/ssa-988345.pdf).
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/siemens
- canonical/siemens xpedition designer