Vulnerability in Siemens Ruggedcom Rm1224 Lte(4g) Eu
CVE-2022-46140
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
Vulnerability class: POODLE (CVE-2014-3566)
EPSS: 0.001 (24.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Siemens Ruggedcom Rm1224 Lte(4g) Eu — versions 0
- Siemens Ruggedcom Rm1224 Lte(4g) Nam — versions 0
- Siemens Scalance M804pb — versions 0
- Siemens Scalance M812-1 Adsl-router — versions 0
- Siemens Scalance M816-1 Adsl-router — versions 0
- Siemens Scalance M826-2 Shdsl-router — versions 0
- Siemens Scalance M874-2 — versions 0
- Siemens Scalance M874-3 — versions 0
- Siemens Scalance M876-3 — versions 0
- Siemens Scalance M876-3 (Rok) — versions 0
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2022-46140?
- CVE-2022-46140 is a medium-severity vulnerability in Siemens Ruggedcom Rm1224 Lte(4g) Eu, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 6.5/10. Published 2022-12-13.
- How severe is CVE-2022-46140?
- Medium severity. CVSS v3 base score is 6.5 out of 10.
- Is CVE-2022-46140 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.