CVE-2022-46144
Description
A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V2.3), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V2.3), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V2.3), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V2.3), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V2.3), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V2.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V2.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V2.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V2.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V2.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V2.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V2.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V2.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V2.0.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated CLI denial-of-service in Siemens SCALANCE devices when an SSH session is forcefully terminated.
Vulnerability
CVE-2022-46144 is a denial-of-service vulnerability in the CLI of multiple Siemens SCALANCE devices, including SCALANCE SC-2, WAM76x-1, WUM76x-1 families, and others. Affected versions include SCALANCE SC622-2C to SC646-2C with versions < V2.3 and >= V2.3 < V3.0, as well as SCALANCE WAM763-1, WAM766-1, WUM763-1, and WUM766-1 with versions < V2.0.0. The device does not properly process CLI commands after a user forcefully quits the SSH connection [1].
Exploitation
An authenticated attacker with network access to the device via SSH or serial interface can exploit this vulnerability. The attack requires the attacker to forcefully terminate the SSH session (e.g., by closing the connection unexpectedly). After such a forced disconnect, the CLI becomes unresponsive to subsequent commands [1].
Impact
Successful exploitation leads to a denial-of-service condition where the CLI becomes irresponsive. The device remains operational otherwise, but administrative interaction via CLI is blocked, potentially preventing legitimate management actions [1].
Mitigation
Siemens has released fixes for the affected product families. For SCALANCE SC-2 devices, the fix is available in V2.3 and V3.0. For SCALANCE WAM76x-1 and WUM76x-1 devices, the fix is available in V2.0.0 [1][2]. Users should update to the latest firmware versions as specified in the advisory. No workaround is documented.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
15- Range: < V2.3, >= V2.3 < V3.0, < V2.0.0
- Range: V2.3
- Siemens/SCALANCE SC626-2Cv5Range: V2.3
- Range: V2.3
- Range: V2.3
- Range: V2.3
- Range: V2.3
- Range: 0
0+ 2 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- Range: 0
- Range: 0
0+ 1 more
- (no CPE)range: 0
- (no CPE)range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.