Siemens SCALANCE/RUGGEDCOM Web Interface Privilege Escalation (CVE-2022-31765)

Vulnerability Overview Vulnerability Name: SSA-552702: Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products Release Date: 2022-10-11 Last Updated: 2026-04-14 Current Version: V1.6 CVSS v3.1 Base Score: 8.8 Vulnerability Description: The listed products do not properly authorize the change password function in the web interface, which may allow low-privileged users to escalate their privileges. Impact Scope Known Affected Products: - SCALANCE S-600 family (incl. S615, MUM-2 800 and RM1224) - SCALANCE SC-600 family - SCALANCE W-700 IEEE 802.11ax family - SCALANCE W-700 IEEE 802.11n family - SCALANCE W-1700 IEEE 802.11ac family - SCALANCE 200BA/XR-300WG family - SCALANCE XM-400/XR-500 family Remediation Mitigation Measures: - Use ACLs to restrict access to the device’s web server. - Restrict access to the device’s web server ports (default 443/tcp or 80/tcp), allowing only trusted network and client IP addresses. General Security Recommendations: - It is strongly recommended to protect the security mechanisms of devices with network access. - Configure the environment according to Siemens’ operational guidelines. - Follow the recommendations provided in the product manuals. Vulnerability Details CVE-ID: CVE-2022-31765 CVSS v3.1 Base Score: 8.8 CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:RC/C CWE: CWE-862: Missing Authorization Acknowledgments Thanks to Martin Grubhofer and Michael Messner for reporting this vulnerability. Additional Information For further inquiries regarding security vulnerabilities in Siemens products and solutions, please contact Siemens ProductCERT. Historical Data V1.0 (2022-10-11): Release date V1.1 (2022-11-09): Added affected product SCALANCE S615 V1.2 (2022-12-13): Added fix for SCALANCE SC-600 series V1.3 (2023-01-10): Added fix for SCALANCE W-700 IEEE 802.11ax product family V1.4 (2023-03-14): Added fixes for affected products SCALANCE S613 EEC (6GK5615-0AA01-2AA2) and SCALANCE M876-4 (6GK5876-4AA10-2BA2) V1.5 (2023-04-13): Added fixes for SCALANCE XM-400/XR-500 series and SCALANCE XB-200/XC-200/XF-200/XR-300WG series V1.6 (2026-04-14): Added fix for SCALANCE W-700 IEEE 802.11n series Terms of Use Use of Siemens security advisories is subject to the terms and conditions listed.

Goal Reached Thanks to every supporter — we hit 100%!

Siemens SCALANCE/RUGGEDCOM Web Interface Privilege Escalation (CVE-2022-31765)