CVE-2022-40147
CVE-2022-40147
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
11 Oct 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The affected software does not properly validate the server certificate when initiating a TLS connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between the client and the intended server.
Affected products
Siemens · Industrial Edge ManagementWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →