CVE-2024-30190
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
Summary
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0), SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0), SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0), SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0), SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0), SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6), SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0), SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0), SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0), SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0), SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6), SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0), SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0), SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0), SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0), SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0), SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0), SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0), SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0), SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0), SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0), SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0), SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0), SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0), SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0). This CVE refers to Scenario 2 "Abuse the queue for network disruptions" of CVE-2022-47522.
Affected devices can be tricked into enabling its power-saving mechanisms for a victim client. This could allow a physically proximate attacker to execute disconnection and denial-of-service attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | SCALANCE W1748-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W1748-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W1788-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W1788-2 EEC M12 | 0 < * | affected |
| Siemens | SCALANCE W1788-2 M12 | 0 < * | affected |
| Siemens | SCALANCE W1788-2IA M12 | 0 < * | affected |
| Siemens | SCALANCE W721-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W721-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W722-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W722-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W722-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W734-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W734-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W734-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W734-1 RJ45 (USA) | 0 < * | affected |
| Siemens | SCALANCE W738-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W738-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W748-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W748-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W748-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W748-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W761-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W761-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W774-1 M12 EEC | 0 < * | affected |
| Siemens | SCALANCE W774-1 M12 EEC | 0 < * | affected |
| Siemens | SCALANCE W774-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W774-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W774-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W774-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W774-1 RJ45 (USA) | 0 < * | affected |
| Siemens | SCALANCE W778-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W778-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W778-1 M12 EEC | 0 < * | affected |
| Siemens | SCALANCE W778-1 M12 EEC (USA) | 0 < * | affected |
| Siemens | SCALANCE W786-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W786-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W786-2 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W786-2 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W786-2 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W786-2 SFP | 0 < * | affected |
| Siemens | SCALANCE W786-2 SFP | 0 < * | affected |
| Siemens | SCALANCE W786-2IA RJ45 | 0 < * | affected |
| Siemens | SCALANCE W786-2IA RJ45 | 0 < * | affected |
| Siemens | SCALANCE W788-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W788-1 M12 | 0 < * | affected |
| Siemens | SCALANCE W788-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W788-1 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W788-2 M12 | 0 < * | affected |
| Siemens | SCALANCE W788-2 M12 | 0 < * | affected |
| Siemens | SCALANCE W788-2 M12 EEC | 0 < * | affected |
| Siemens | SCALANCE W788-2 M12 EEC | 0 < * | affected |
| Siemens | SCALANCE W788-2 M12 EEC | 0 < * | affected |
| Siemens | SCALANCE W788-2 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W788-2 RJ45 | 0 < * | affected |
| Siemens | SCALANCE W788-2 RJ45 | 0 < * | affected |
| Siemens | SCALANCE WAM763-1 | 0 < * | affected |
| Siemens | SCALANCE WAM766-1 (EU) | 0 < * | affected |
| Siemens | SCALANCE WAM766-1 (US) | 0 < * | affected |
| Siemens | SCALANCE WAM766-1 EEC (EU) | 0 < * | affected |
| Siemens | SCALANCE WAM766-1 EEC (US) | 0 < * | affected |
| Siemens | SCALANCE WUM763-1 | 0 < * | affected |
| Siemens | SCALANCE WUM763-1 | 0 < * | affected |
| Siemens | SCALANCE WUM766-1 (EU) | 0 < * | affected |
| Siemens | SCALANCE WUM766-1 (US) | 0 < * | affected |
Weaknesses
- CWE-290: CWE-290: Authentication Bypass by Spoofing
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.