What is CVE-2022-46143?

CVE-2022-46143 is a low-severity vulnerability in Siemens Ruggedcom Rm1224 Lte(4g) Eu, classified under Improper Validation of Specified Quantity in Input. CVSS score: 2.7/10. Published 2022-12-13.

How severe is CVE-2022-46143?

Low severity. CVSS v3 base score is 2.7 out of 10.

Is CVE-2022-46143 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Siemens Ruggedcom Rm1224 Lte(4g) Eu

CVE-2022-46143

Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.

EPSS: 0.005 (65.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.7 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N.

Affected products

Siemens Ruggedcom Rm1224 Lte(4g) Eu — versions 0
Siemens Ruggedcom Rm1224 Lte(4g) Nam — versions 0
Siemens Scalance M804pb — versions 0
Siemens Scalance M812-1 Adsl-router — versions 0
Siemens Scalance M816-1 Adsl-router — versions 0
Siemens Scalance M826-2 Shdsl-router — versions 0
Siemens Scalance M874-2 — versions 0
Siemens Scalance M874-3 — versions 0
Siemens Scalance M876-3 — versions 0
Siemens Scalance M876-3 (Rok) — versions 0

Weakness classification (CWE)

CWE-1284 — Improper Validation of Specified Quantity in Input

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

Frequently asked questions

What is CVE-2022-46143?: CVE-2022-46143 is a low-severity vulnerability in Siemens Ruggedcom Rm1224 Lte(4g) Eu, classified under Improper Validation of Specified Quantity in Input. CVSS score: 2.7/10. Published 2022-12-13.
How severe is CVE-2022-46143?: Low severity. CVSS v3 base score is 2.7 out of 10.
Is CVE-2022-46143 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.