CVE-2023-44373

Summary

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323.

Affected Software

VendorProductVersion RangeStatus
SiemensRUGGEDCOM RM1224 LTE(4G) EU0 < V8.0affected
SiemensRUGGEDCOM RM1224 LTE(4G) NAM0 < V8.0affected
SiemensSCALANCE M804PB0 < V8.0affected
SiemensSCALANCE M812-1 ADSL-Router0 < V8.0affected
SiemensSCALANCE M812-1 ADSL-Router0 < V8.0affected
SiemensSCALANCE M816-1 ADSL-Router0 < V8.0affected
SiemensSCALANCE M816-1 ADSL-Router0 < V8.0affected
SiemensSCALANCE M826-2 SHDSL-Router0 < V8.0affected
SiemensSCALANCE M874-20 < V8.0affected
SiemensSCALANCE M874-30 < V8.0affected
SiemensSCALANCE M876-30 < V8.0affected
SiemensSCALANCE M876-3 (ROK)0 < V8.0affected
SiemensSCALANCE M876-40 < V8.0affected
SiemensSCALANCE M876-4 (EU)0 < V8.0affected
SiemensSCALANCE M876-4 (NAM)0 < V8.0affected
SiemensSCALANCE MUM853-1 (EU)0 < V8.0affected
SiemensSCALANCE MUM856-1 (EU)0 < V8.0affected
SiemensSCALANCE MUM856-1 (RoW)0 < V8.0affected
SiemensSCALANCE S615 EEC LAN-Router0 < V8.0affected
SiemensSCALANCE S615 LAN-Router0 < V8.0affected
SiemensSCALANCE W721-1 RJ450 < V6.6.0affected
SiemensSCALANCE W721-1 RJ450 < V6.6.0affected
SiemensSCALANCE W722-1 RJ450 < V6.6.0affected
SiemensSCALANCE W722-1 RJ450 < V6.6.0affected
SiemensSCALANCE W722-1 RJ450 < V6.6.0affected
SiemensSCALANCE W734-1 RJ450 < V6.6.0affected
SiemensSCALANCE W734-1 RJ450 < V6.6.0affected
SiemensSCALANCE W734-1 RJ450 < V6.6.0affected
SiemensSCALANCE W734-1 RJ45 (USA)0 < V6.6.0affected
SiemensSCALANCE W738-1 M120 < V6.6.0affected
SiemensSCALANCE W738-1 M120 < V6.6.0affected
SiemensSCALANCE W748-1 M120 < V6.6.0affected
SiemensSCALANCE W748-1 M120 < V6.6.0affected
SiemensSCALANCE W748-1 RJ450 < V6.6.0affected
SiemensSCALANCE W748-1 RJ450 < V6.6.0affected
SiemensSCALANCE W761-1 RJ450 < V6.6.0affected
SiemensSCALANCE W761-1 RJ450 < V6.6.0affected
SiemensSCALANCE W774-1 M12 EEC0 < V6.6.0affected
SiemensSCALANCE W774-1 M12 EEC0 < V6.6.0affected
SiemensSCALANCE W774-1 RJ450 < V6.6.0affected
SiemensSCALANCE W774-1 RJ450 < V6.6.0affected
SiemensSCALANCE W774-1 RJ450 < V6.6.0affected
SiemensSCALANCE W774-1 RJ450 < V6.6.0affected
SiemensSCALANCE W774-1 RJ45 (USA)0 < V6.6.0affected
SiemensSCALANCE W778-1 M120 < V6.6.0affected
SiemensSCALANCE W778-1 M120 < V6.6.0affected
SiemensSCALANCE W778-1 M12 EEC0 < V6.6.0affected
SiemensSCALANCE W778-1 M12 EEC (USA)0 < V6.6.0affected
SiemensSCALANCE W786-1 RJ450 < V6.6.0affected
SiemensSCALANCE W786-1 RJ450 < V6.6.0affected
SiemensSCALANCE W786-2 RJ450 < V6.6.0affected
SiemensSCALANCE W786-2 RJ450 < V6.6.0affected
SiemensSCALANCE W786-2 RJ450 < V6.6.0affected
SiemensSCALANCE W786-2 SFP0 < V6.6.0affected
SiemensSCALANCE W786-2 SFP0 < V6.6.0affected
SiemensSCALANCE W786-2IA RJ450 < V6.6.0affected
SiemensSCALANCE W786-2IA RJ450 < V6.6.0affected
SiemensSCALANCE W788-1 M120 < V6.6.0affected
SiemensSCALANCE W788-1 M120 < V6.6.0affected
SiemensSCALANCE W788-1 RJ450 < V6.6.0affected
SiemensSCALANCE W788-1 RJ450 < V6.6.0affected
SiemensSCALANCE W788-2 M120 < V6.6.0affected
SiemensSCALANCE W788-2 M120 < V6.6.0affected
SiemensSCALANCE W788-2 M12 EEC0 < V6.6.0affected
SiemensSCALANCE W788-2 M12 EEC0 < V6.6.0affected
SiemensSCALANCE W788-2 M12 EEC0 < V6.6.0affected
SiemensSCALANCE W788-2 RJ450 < V6.6.0affected
SiemensSCALANCE W788-2 RJ450 < V6.6.0affected
SiemensSCALANCE W788-2 RJ450 < V6.6.0affected
SiemensSCALANCE WAB762-10 < V2.4.0affected
SiemensSCALANCE WAM763-10 < V2.4.0affected
SiemensSCALANCE WAM763-1 (ME)0 < V2.4.0affected
SiemensSCALANCE WAM763-1 (US)0 < V2.4.0affected
SiemensSCALANCE WAM766-10 < V2.4.0affected
SiemensSCALANCE WAM766-1 (ME)0 < V2.4.0affected
SiemensSCALANCE WAM766-1 (US)0 < V2.4.0affected
SiemensSCALANCE WAM766-1 EEC0 < V2.4.0affected
SiemensSCALANCE WAM766-1 EEC (ME)0 < V2.4.0affected
SiemensSCALANCE WAM766-1 EEC (US)0 < V2.4.0affected
SiemensSCALANCE WUB762-10 < V2.4.0affected
SiemensSCALANCE WUB762-1 iFeatures0 < V2.4.0affected
SiemensSCALANCE WUM763-10 < V2.4.0affected
SiemensSCALANCE WUM763-10 < V2.4.0affected
SiemensSCALANCE WUM763-1 (US)0 < V2.4.0affected
SiemensSCALANCE WUM763-1 (US)0 < V2.4.0affected
SiemensSCALANCE WUM766-10 < V2.4.0affected
SiemensSCALANCE WUM766-1 (ME)0 < V2.4.0affected
SiemensSCALANCE WUM766-1 (USA)0 < V2.4.0affected

Weaknesses

  • CWE-74: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

ADP Enrichment

CVE Program Container

Additional References

References