VYPR
Unrated severityNVD Advisory· Published Jul 12, 2022· Updated Aug 3, 2024

CVE-2022-33137

CVE-2022-33137

Description

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users' sessions.

Affected products

7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.