What is CVE-2022-38773?

CVE-2022-38773 is a medium-severity vulnerability in Siemens Simatic Drive Controller Cpu 1504d Tf, classified under CWE-1326. CVSS score: 4.6/10. Published 2023-01-10.

How severe is CVE-2022-38773?

Medium severity. CVSS v3 base score is 4.6 out of 10.

Vulnerability in Siemens Simatic Drive Controller Cpu 1504d Tf

CVE-2022-38773

Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to repl…

EPSS: 0.002 (35.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.6 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:T/RC:C.

Affected products

Siemens Simatic Drive Controller Cpu 1504d Tf — versions 0
Siemens Simatic Drive Controller Cpu 1507d Tf — versions 0
Siemens Simatic S7-1500 Cpu 1510sp-1 Pn — versions 0
Siemens Simatic S7-1500 Cpu 1510sp F-1 Pn — versions 0
Siemens Simatic S7-1500 Cpu 1511-1 Pn — versions 0
Siemens Simatic S7-1500 Cpu 1511c-1 Pn — versions 0
Siemens Simatic S7-1500 Cpu 1511f-1 Pn — versions 0
Siemens Simatic S7-1500 Cpu 1511t-1 Pn — versions 0
Siemens Simatic S7-1500 Cpu 1511tf-1 Pn — versions 0
Siemens Simatic S7-1500 Cpu 1512c-1 Pn — versions 0

Weakness classification (CWE)

CWE-1326

References

Frequently asked questions

What is CVE-2022-38773?: CVE-2022-38773 is a medium-severity vulnerability in Siemens Simatic Drive Controller Cpu 1504d Tf, classified under CWE-1326. CVSS score: 4.6/10. Published 2023-01-10.
How severe is CVE-2022-38773?: Medium severity. CVSS v3 base score is 4.6 out of 10.