CVE-2022-43546
CRITICAL
9.9
CVSS 3.1
Description
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
Metadata
Severity & Metrics
9.9
CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
SSVC — CISA Coordinator
Affected products (40)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Siemens | POWER METER SICAM Q100 | — | All versions < V2.50 |
| Siemens | POWER METER SICAM Q100 | — | All versions < V2.50 |
| Siemens | POWER METER SICAM Q100 | — | All versions < V2.50 |
| Siemens | POWER METER SICAM Q100 | — | All versions < V2.50 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P850 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
| Siemens | SICAM P855 | — | All versions < V3.10 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-20 | cna | CWE-20: Improper Input Validation |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 9.9 | CRITICAL | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
References (3)