CVE-2022-33138
CVE-2022-33138
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 jul 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device.
Productos afectados
Siemens · SIMATIC MV540 HSiemens · SIMATIC MV540 SSiemens · SIMATIC MV550 HSiemens · SIMATIC MV550 SSiemens · SIMATIC MV560 USiemens · SIMATIC MV560 X¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →