1. Home
  2. CVE Database
  3. CVE-2022-46142
MEDIUM · 5.7

CVE-2022-46142

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.

Vulnerability Description

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.

CVSS Score

5.7

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
SiemensRuggedcom Rm1224 Lte\(4G\) Eu FirmwareAll versions
SiemensRuggedcom Rm1224 Lte\(4G\) Eu-
SiemensRuggedcom Rm1224 Lte\(4G\) Nam FirmwareAll versions
SiemensRuggedcom Rm1224 Lte\(4G\) Nam-
SiemensScalance M804Pb FirmwareAll versions
SiemensScalance M804Pb-
SiemensScalance M812-1 Adsl-Router FirmwareAll versions
SiemensScalance M812-1 Adsl-Router-
SiemensScalance M816-1 Adsl-Router FirmwareAll versions
SiemensScalance M816-1 Adsl-Router-
SiemensScalance M826-2 Shdsl-Router FirmwareAll versions
SiemensScalance M826-2 Shdsl-Router-
SiemensScalance M874-2 FirmwareAll versions
SiemensScalance M874-2-
SiemensScalance M874-3 FirmwareAll versions
SiemensScalance M874-3-
SiemensScalance M876-3 FirmwareAll versions
SiemensScalance M876-3-
SiemensScalance M876-4 FirmwareAll versions
SiemensScalance M876-4-

Related Weaknesses (CWE)

CWE-522CWE-257

References

FAQ

What is CVE-2022-46142?

CVE-2022-46142 is a vulnerability with a CVSS score of 5.7 (MEDIUM). Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.

How severe is CVE-2022-46142?

CVE-2022-46142 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-46142?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Ruggedcom Rm1224 Lte\(4G\) Eu Firmware, Siemens Ruggedcom Rm1224 Lte\(4G\) Eu, Siemens Ruggedcom Rm1224 Lte\(4G\) Nam Firmware, Siemens Ruggedcom Rm1224 Lte\(4G\) Nam, Siemens Scalance M804Pb Firmware.