Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-25622

CVSS 5.3 · Medium EPSS 0.12% · P30
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-25622

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Siemens SIMATIC产品资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens SIMATIC CFU PA是德国西门子(Siemens)公司的一款紧凑型现场设备。 多款Siemens SIMATIC产品存在资源管理错误漏洞,该漏洞源于PROFINET (PNIO) 堆栈与 Interniche IP 的堆栈集成,攻击者利用该漏洞可以进行拒绝服务攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SiemensSIMATIC CFU DIQ 0 ~ V2.0.0 -
SiemensSIMATIC CFU PA 0 ~ V2.0.0 -
SiemensSIMATIC ET 200AL IM 157-1 PN All versions -
SiemensSIMATIC ET 200MP IM 155-5 PN HF V4.2.0 ~ * -
SiemensSIMATIC ET 200pro IM 154-8 PN/DP CPU All versions < V3.2.19 -
SiemensSIMATIC ET 200pro IM 154-8F PN/DP CPU All versions < V3.2.19 -
SiemensSIMATIC ET 200pro IM 154-8FX PN/DP CPU All versions < V3.2.19 -
SiemensSIMATIC ET 200S IM 151-8 PN/DP CPU All versions < V3.2.19 -
SiemensSIMATIC ET 200S IM 151-8F PN/DP CPU All versions < V3.2.19 -
SiemensSIMATIC ET 200SP IM 155-6 MF HF 0 ~ * -
SiemensSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) All versions -
SiemensSIMATIC ET 200SP IM 155-6 PN HF V4.2.0 ~ * -
SiemensSIMATIC ET 200SP IM 155-6 PN/2 HF V4.2.0 ~ * -
SiemensSIMATIC ET 200SP IM 155-6 PN/3 HF V4.2.0 ~ * -
SiemensSIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L V5.1.1 ~ V5.1.2 -
SiemensSIMATIC ET200ecoPN, CM 4x IO-Link, M12-L V5.1.1 ~ V5.1.2 -
SiemensSIMATIC ET200ecoPN, CM 8x IO-Link, M12-L V5.1.1 ~ V5.1.2 -
SiemensSIMATIC ET200ecoPN, CM 8x IO-Link, M12-L V5.1.1 ~ V5.1.2 -
SiemensSIMATIC ET200ecoPN, DI 16x24VDC, M12-L V5.1.1 ~ V5.1.2 -
SiemensSIMATIC ET200ecoPN, DI 8x24VDC, M12-L V5.1.1 ~ V5.1.2 -
SiemensSIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L V5.1.1 ~ V5.1.3 -
SiemensSIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L V5.1.1 ~ V5.1.2 -
SiemensSIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L V5.1.1 ~ V5.1.2 -
SiemensSIMATIC PN/MF Coupler All versions -
SiemensSIMATIC PN/PN Coupler All versions >= 4.2 -
SiemensSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) All versions < V2.0.0 -
SiemensSIMATIC S7-300 CPU 314C-2 PN/DP All versions < V3.3.19 -
SiemensSIMATIC S7-300 CPU 315-2 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-300 CPU 315F-2 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-300 CPU 315T-3 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-300 CPU 317-2 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-300 CPU 317F-2 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-300 CPU 317T-3 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-300 CPU 317TF-3 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-300 CPU 319-3 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-300 CPU 319F-3 PN/DP All versions < V3.2.19 -
SiemensSIMATIC S7-400 CPU 412-2 PN V7 0 ~ * -
SiemensSIMATIC S7-400 CPU 414-3 PN/DP V7 0 ~ * -
SiemensSIMATIC S7-400 CPU 414F-3 PN/DP V7 0 ~ * -
SiemensSIMATIC S7-400 CPU 416-3 PN/DP V7 0 ~ * -
SiemensSIMATIC S7-400 CPU 416F-3 PN/DP V7 0 ~ * -
SiemensSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) 0 ~ V6.0.10 -
SiemensSIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) All versions < V10.1.1 -
SiemensSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) 0 ~ V8.2.3 -
SiemensSIMATIC TDC CP51M1 0 ~ V1.1.10 -
SiemensSIMATIC TDC CPU555 0 ~ V1.2.1 -
SiemensSIMATIC WinAC RTX 2010 All versions -
SiemensSIMATIC WinAC RTX F 2010 All versions -
SiemensSINAMICS DCM 0 ~ V1.5 SP1 -
SiemensSINAMICS G110M 0 ~ V4.7.14 -
SiemensSINAMICS G115D 0 ~ V4.7.14 -
SiemensSINAMICS G120 (incl. SIPLUS variants) 0 ~ V4.7 SP14 -
SiemensSINAMICS G130 0 ~ V5.2.3.13 -
SiemensSINAMICS G150 0 ~ V5.2.3.13 -
SiemensSINAMICS S110 0 ~ * -
SiemensSINAMICS S120 (incl. SIPLUS variants) 0 ~ V5.2 SP3 HF13 -
SiemensSINAMICS S150 0 ~ V5.2.3.13 -
SiemensSINAMICS S210 (6SL5...) 0 ~ V5.2 SP3 HF18 -
SiemensSINAMICS V90 0 ~ V1.04.04 -
SiemensSIPLUS ET 200MP IM 155-5 PN HF V4.2.0 ~ * -
SiemensSIPLUS ET 200MP IM 155-5 PN HF V4.2.0 ~ * -
SiemensSIPLUS ET 200MP IM 155-5 PN HF T1 RAIL V4.2.0 ~ * -
SiemensSIPLUS ET 200S IM 151-8 PN/DP CPU All versions < V3.2.19 -
SiemensSIPLUS ET 200S IM 151-8F PN/DP CPU All versions < V3.2.19 -
SiemensSIPLUS ET 200SP IM 155-6 PN HF V4.2.0 ~ * -
SiemensSIPLUS ET 200SP IM 155-6 PN HF V4.2.0 ~ * -
SiemensSIPLUS ET 200SP IM 155-6 PN HF V4.2.0 ~ * -
SiemensSIPLUS ET 200SP IM 155-6 PN HF V4.2.0 ~ * -
SiemensSIPLUS ET 200SP IM 155-6 PN HF T1 RAIL V4.2.0 ~ * -
SiemensSIPLUS ET 200SP IM 155-6 PN HF T1 RAIL V4.2.0 ~ * -
SiemensSIPLUS ET 200SP IM 155-6 PN HF TX RAIL V4.2.0 ~ * -
SiemensSIPLUS HCS4200 CIM4210 All versions -
SiemensSIPLUS HCS4200 CIM4210C All versions -
SiemensSIPLUS HCS4300 CIM4310 All versions -
SiemensSIPLUS NET PN/PN Coupler All versions >= 4.2 -
SiemensSIPLUS S7-300 CPU 314C-2 PN/DP All versions < V3.3.19 -
SiemensSIPLUS S7-300 CPU 315-2 PN/DP All versions < V3.2.19 -
SiemensSIPLUS S7-300 CPU 315F-2 PN/DP All versions < V3.2.19 -
SiemensSIPLUS S7-300 CPU 317-2 PN/DP All versions < V3.2.19 -
SiemensSIPLUS S7-300 CPU 317F-2 PN/DP All versions < V3.2.19 -
SiemensSIPLUS S7-400 CPU 414-3 PN/DP V7 0 ~ * -
SiemensSIPLUS S7-400 CPU 416-3 PN/DP V7 0 ~ * -

II. Public POCs for CVE-2022-25622

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-25622

登录查看更多情报信息。

Same Patch Batch · Siemens · 2022-04-12 · 25 CVEs total

CVE-2021-403687.5 HIGHSiemens SIMATIC S7-400 缓冲区错误漏洞
CVE-2022-26334Siemens SCALANCE安全漏洞
CVE-2022-28663Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2022-28662Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2022-28661Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2022-28329Siemens SCALANCE输入验证错误漏洞
CVE-2022-28328Siemens SCALANCE 输入验证错误漏洞
CVE-2022-27481Siemens SCALANCE竞争条件问题漏洞
CVE-2022-27480Siemens SICAM 访问控制错误漏洞
CVE-2022-27241Siemens Mendix 信息泄露漏洞
CVE-2022-27194多款Siemens SIMATIC 产品 资源管理错误漏洞
CVE-2022-26380多款 Siemens 产品缓冲区错误漏洞
CVE-2022-26335多款 Siemens 产品安全漏洞
CVE-2022-25756多款 Siemens 产品跨站脚本漏洞
CVE-2022-25755Siemens SCALANCE 安全漏洞
CVE-2022-25754多款 Siemens 产品跨站请求伪造漏洞
CVE-2022-25753多款 Siemens 产品 缓冲区错误漏洞
CVE-2022-25752多款 Siemens 产品安全特征问题漏洞
CVE-2022-25751多款 Siemens 产品输入验证错误漏洞
CVE-2022-25650Siemens Mendix 安全漏洞

Showing top 20 of 25 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same vendor: Siemens
Same weakness: CWE-400

V. Comments for CVE-2022-25622

No comments yet

Leave a comment