CVE-2022-27481

Summary

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle resources of ARP requests. This could allow an attacker to cause a race condition that leads to a crash of the entire device.

Affected Software

VendorProductVersion RangeStatus
SiemensSCALANCE W1788-1 M12All versions < V3.0.0affected
SiemensSCALANCE W1788-2 EEC M12All versions < V3.0.0affected
SiemensSCALANCE W1788-2 M12All versions < V3.0.0affected
SiemensSCALANCE W1788-2IA M12All versions < V3.0.0affected

Weaknesses

  • CWE-362: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

ADP Enrichment

CVE Program Container

Additional References

References