CVE-2022-46141
First published: Tue Dec 12 2023(Updated: )
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SIMATIC STEP 7 | <19 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-46141?
CVE-2022-46141 has been rated as a medium severity vulnerability.
How do I fix CVE-2022-46141?
To mitigate CVE-2022-46141, update your SIMATIC STEP 7 (TIA Portal) software to version 19 or later.
Who is affected by CVE-2022-46141?
CVE-2022-46141 affects all versions of SIMATIC STEP 7 TIA Portal prior to version 19.
What type of attack does CVE-2022-46141 allow?
CVE-2022-46141 allows a local attacker to exploit information disclosure related to access level passwords.
What systems are impacted by CVE-2022-46141?
CVE-2022-46141 impacts the SIMATIC S7-1200 and S7-1500 CPU models during hardware configuration.
- agent/weakness
- agent/type
- agent/event
- agent/first-publish-date
- agent/severity
- agent/author
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/simatic step 7