VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 12, 2022· Updated Apr 21, 2025

CVE-2022-26649

CVE-2022-26649

Description

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.

Affected products

29
  • Siemens Foundation/Scalance X200 4p Irtcpe-rescue
    Range: All versions < V5.5.2
  • Siemens Foundation/Scalance X201 3p Irtcpe-rescue3 versions
    All versions < V5.5.2+ 2 more
    • (no CPE)range: All versions < V5.5.2
    • (no CPE)range: All versions < V5.5.2
    • (no CPE)range: All versions < V5.5.2
  • Siemens Foundation/Scalance X202 2irtcpe-rescue
    Range: All versions < V5.5.2
  • Siemens Foundation/Scalance X202 2p Irtcpe-rescue3 versions
    All versions < V5.5.2+ 2 more
    • (no CPE)range: All versions < V5.5.2
    • (no CPE)range: All versions < V5.5.2
    • (no CPE)range: All versions < V5.5.2
  • Siemens Foundation/Scalance X204irtcpe-rescue9 versions
    All versions < V5.2.6+ 8 more
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.5.2
    • (no CPE)range: All versions < V5.5.2
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.2.6
  • Siemens/SCALANCE X204-2LD TSv5
    Range: All versions < V5.2.6
  • Siemens/SCALANCE X206-1LDv5
    Range: All versions < V5.2.6
  • Siemens/SCALANCE X208PROv5
    Range: All versions < V5.2.6
  • Siemens Foundation/Scalance X 200cpe-rescue
    Range: All versions < V5.2.6
  • Siemens/SCALANCE X212-2LDv5
    Range: All versions < V5.2.6
  • Siemens Foundation/SCALANCE XCM324cpe-rescue
    Range: All versions < V5.2.6
  • Siemens Foundation/Scalance Xf204irtcpe-rescue5 versions
    All versions < V5.2.6+ 4 more
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.5.2
    • (no CPE)range: All versions < V5.2.6
    • (no CPE)range: All versions < V5.2.6
  • Siemens Foundation/Scalance Xf204 2ba Irt Firmwarecpe-rescue
    Range: All versions < V5.5.2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.