CVE-2022-31766 Vulnerabilities have been found in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, and SCALA END>

) that may allow an attacker to exploit vulnerabilities to take control of the device and use it in a manner that may cause Network Black-scaling or Denial of Service, or leak sensitive information. These vulnerabilities have been assigned Common Vulnerabilities and Exposures (CVE) IDs: CVE-2018-1289 (RM1224 LTE(4G) EU)

CVE-2018-1290 (RM1224 LTE(4G) NAM)

CVE-2018-1291 (SCALANCE M804PB)

CVE-2018-1292 (SCALANCE M812-1 ADSL-Router (Annex A)

CVE-2018-1293 (SCALANCE M812-1 ADSL-Router (Annex B)

CVE-2018-1294 (SCALANCE M816-1 ADSL-Router (Annex A)

CVE-2018-1295 (SCALANCE M816-1 ADSL-Router (Annex B)

CVE-2018-1296 (SCALANCE M826-2 SHDSL-Router)

CVE-2018-1297 (SCALANCE M874-2)

CVE-2018-1298 (SCALANCE M874-3)

CVE-2018-1299 (SCALANCE M876-3)

CVE

Vulnerable devices and versions

RM1224 LTE(4G) EU (CVE-2018-1289)
SCALANCE M804PB (CVE-2018-1292)
SCALANCE M812-1 ADSL-Router (Annex A)
SCALANCE M816-1 ADSL-Router (Annex A)
SCALANCE M816-1 ADSL-Router (Annex B)
SCALANCE M826-2 SHDSL-Router
SCALANCE M874-2 (CVE-2018-1297)
SCALANCE M874-3
SCALANCE M876-3

Timeline

Published on: 10/11/2022 11:15:00 UTC
Last modified on: 10/14/2022 17:00:00 UTC

References

• https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31766