CVE-2022-33138
CVE-2022-33138
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 jul 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device.
Produtos afetados
Siemens · SIMATIC MV540 HSiemens · SIMATIC MV540 SSiemens · SIMATIC MV550 HSiemens · SIMATIC MV550 SSiemens · SIMATIC MV560 USiemens · SIMATIC MV560 XQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →