CVE-2022-34464

Summary

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that file.

Affected Software

VendorProductVersion RangeStatus
SiemensSICAM GridEdge (Classic)0 < V2.7.3affected

Weaknesses

  • CWE-552: CWE-552: Files or Directories Accessible to External Parties

ADP Enrichment

CVE Program Container

Additional References

References