What is the severity of CVE-2022-45937?

CVE-2022-45937 has been classified as a moderate severity vulnerability.

How do I fix CVE-2022-45937?

To fix CVE-2022-45937, upgrade to the latest versions of affected software as specified by Siemens.

Which versions are affected by CVE-2022-45937?

CVE-2022-45937 affects all versions of certain Siemens firmware below specified versions including APOGEE PXC Compact, Modular, and TALON TC products.

What are the potential impacts of exploiting CVE-2022-45937?

Exploiting CVE-2022-45937 could allow unauthorized access and manipulation of the vulnerable systems.

Is there a patch for CVE-2022-45937?

Yes, Siemens has released patches to address CVE-2022-45937 which should be applied immediately.

Vulnerability/
CVE-2022-45937

high

8.8

CWE

284

13/12/2022

21/11/2024

CVE-2022-45937

First published: Tue Dec 13 2022(Updated: )

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). A low privilege authenticated attacker with network access to the integrated web server could download sensitive information from the device containing user account credentials.

Credit: productcert@siemens.com productcert@siemens.com

Affected Software	Affected Version	How to fix
All of
Siemens Pxc00-e96.a Firmware	<3.5.5
Siemens Pxc00-e96.a
All of
Siemens Pxc100-e96.a Firmware	<3.5.5
Siemens Pxc100-e96.a
All of
Siemens Pxx-485.3 Firmware	<3.5.5
Siemens Pxx-485.3
All of
Siemens Pxc16.2-pe.a Firmware	<2.8.20
Siemens Pxc16.2-pe.a
All of
Siemens Pxc24.2-pe.a Firmware	<2.8.20
Siemens Pxc24.2-pe.a
All of
Siemens Pxc24.2-pef.a Firmware	<2.8.20
Siemens Pxc24.2-pef.a
All of
Siemens Pxc24.2-per.a Firmware	<2.8.20
Siemens Pxc24.2-per.a
All of
Siemens Pxc24.2-perf.a Firmware	<2.8.20
Siemens Pxc24.2-perf.a
All of
siemens TALON TC Modular (bacnet) firmware	<3.5.5
siemens TALON TC Modular (bacnet)
Siemens Pxc00-e96.a Firmware	<3.5.5
Siemens Pxc00-e96.a
Siemens Pxc100-e96.a Firmware	<3.5.5
Siemens Pxc100-e96.a
Siemens Pxx-485.3 Firmware	<3.5.5
Siemens Pxx-485.3
Siemens Pxc16.2-pe.a Firmware	<2.8.20
Siemens Pxc16.2-pe.a
Siemens Pxc24.2-pe.a Firmware	<2.8.20
Siemens Pxc24.2-pe.a
Siemens Pxc24.2-pef.a Firmware	<2.8.20
Siemens Pxc24.2-pef.a
Siemens Pxc24.2-per.a Firmware	<2.8.20
Siemens Pxc24.2-per.a
Siemens Pxc24.2-perf.a Firmware	<2.8.20
Siemens Pxc24.2-perf.a
siemens TALON TC Modular (bacnet) firmware	<3.5.5
siemens TALON TC Modular (bacnet)

Remedy

https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf

Frequently Asked Questions

What is the severity of CVE-2022-45937?
CVE-2022-45937 has been classified as a moderate severity vulnerability.
How do I fix CVE-2022-45937?
To fix CVE-2022-45937, upgrade to the latest versions of affected software as specified by Siemens.
Which versions are affected by CVE-2022-45937?
CVE-2022-45937 affects all versions of certain Siemens firmware below specified versions including APOGEE PXC Compact, Modular, and TALON TC products.
What are the potential impacts of exploiting CVE-2022-45937?
Exploiting CVE-2022-45937 could allow unauthorized access and manipulation of the vulnerable systems.
Is there a patch for CVE-2022-45937?
Yes, Siemens has released patches to address CVE-2022-45937 which should be applied immediately.

agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/severity
agent/remedy
agent/description
agent/first-publish-date
agent/last-modified-date
agent/author
agent/event
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
agent/softwarecombine
vendor/siemens
canonical/siemens pxc00-e96.a firmware
canonical/siemens pxc00-e96.a
canonical/siemens pxc100-e96.a firmware
canonical/siemens pxc100-e96.a
canonical/siemens pxx-485.3 firmware
canonical/siemens pxx-485.3
canonical/siemens pxc16.2-pe.a firmware
canonical/siemens pxc16.2-pe.a
canonical/siemens pxc24.2-pe.a firmware
canonical/siemens pxc24.2-pe.a
canonical/siemens pxc24.2-pef.a firmware
canonical/siemens pxc24.2-pef.a
canonical/siemens pxc24.2-per.a firmware
canonical/siemens pxc24.2-per.a
canonical/siemens pxc24.2-perf.a firmware
canonical/siemens pxc24.2-perf.a
canonical/siemens talon tc modular (bacnet) firmware
canonical/siemens talon tc modular (bacnet)

Frequently Asked Questions

What is the severity of CVE-2022-45937?
CVE-2022-45937 has been classified as a moderate severity vulnerability.
How do I fix CVE-2022-45937?
To fix CVE-2022-45937, upgrade to the latest versions of affected software as specified by Siemens.
Which versions are affected by CVE-2022-45937?
CVE-2022-45937 affects all versions of certain Siemens firmware below specified versions including APOGEE PXC Compact, Modular, and TALON TC products.
What are the potential impacts of exploiting CVE-2022-45937?
Exploiting CVE-2022-45937 could allow unauthorized access and manipulation of the vulnerable systems.
Is there a patch for CVE-2022-45937?
Yes, Siemens has released patches to address CVE-2022-45937 which should be applied immediately.

CVE-2022-45937

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-45937?

How do I fix CVE-2022-45937?

Which versions are affected by CVE-2022-45937?

What are the potential impacts of exploiting CVE-2022-45937?

Is there a patch for CVE-2022-45937?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2022-45937?

How do I fix CVE-2022-45937?

Which versions are affected by CVE-2022-45937?

What are the potential impacts of exploiting CVE-2022-45937?

Is there a patch for CVE-2022-45937?