1. Home
  2. CVE Database
  3. CVE-2022-46140
MEDIUM · 6.5

CVE-2022-46140

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the sys...

Vulnerability Description

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
SiemensRuggedcom Rm1224 Lte\(4G\) Eu FirmwareAll versions
SiemensRuggedcom Rm1224 Lte\(4G\) Eu-
SiemensRuggedcom Rm1224 Lte\(4G\) Nam FirmwareAll versions
SiemensRuggedcom Rm1224 Lte\(4G\) Nam-
SiemensScalance M804Pb FirmwareAll versions
SiemensScalance M804Pb-
SiemensScalance M812-1 Adsl-Router FirmwareAll versions
SiemensScalance M812-1 Adsl-Router-
SiemensScalance M816-1 Adsl-Router FirmwareAll versions
SiemensScalance M816-1 Adsl-Router-
SiemensScalance M826-2 Shdsl-Router FirmwareAll versions
SiemensScalance M826-2 Shdsl-Router-
SiemensScalance M874-2 FirmwareAll versions
SiemensScalance M874-2-
SiemensScalance M874-3 FirmwareAll versions
SiemensScalance M874-3-
SiemensScalance M876-3 FirmwareAll versions
SiemensScalance M876-3-
SiemensScalance M876-4 FirmwareAll versions
SiemensScalance M876-4-

Related Weaknesses (CWE)

CWE-327

References

FAQ

What is CVE-2022-46140?

CVE-2022-46140 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the sys...

How severe is CVE-2022-46140?

CVE-2022-46140 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-46140?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Ruggedcom Rm1224 Lte\(4G\) Eu Firmware, Siemens Ruggedcom Rm1224 Lte\(4G\) Eu, Siemens Ruggedcom Rm1224 Lte\(4G\) Nam Firmware, Siemens Ruggedcom Rm1224 Lte\(4G\) Nam, Siemens Scalance M804Pb Firmware.