CVE-2024-30189 | THREATINT

Description

A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) (All versions), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) (All versions), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) (All versions), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) (All versions), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) (All versions), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) (All versions), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) (All versions), SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) (All versions), SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) (All versions), SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) (All versions), SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) (All versions), SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) (All versions), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) (All versions), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) (All versions), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) (All versions), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) (All versions), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) (All versions), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) (All versions), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) (All versions), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) (All versions), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) (All versions), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) (All versions), SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) (All versions), SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) (All versions), SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) (All versions), SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) (All versions), SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) (All versions), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) (All versions), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) (All versions), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) (All versions), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) (All versions), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) (All versions), SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) (All versions), SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) (All versions), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) (All versions), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) (All versions), SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) (All versions), SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) (All versions), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) (All versions), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) (All versions), SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) (All versions), SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) (All versions), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) (All versions), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) (All versions), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) (All versions), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) (All versions), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) (All versions), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) (All versions). This CVE refers to Scenario 1 "Leak frames from the Wi-Fi queue" of CVE-2022-47522. Affected devices queue frames in order to subsequently change the security context and leak the queued frames. This could allow a physically proximate attacker to intercept (possibly cleartext) target-destined frames.

Reserved 2024-03-25 | Published 2024-04-09 | Updated 2024-08-02 | Assigner siemens

MEDIUM: 6.1CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

Problem types

CWE-290: Authentication Bypass by Spoofing

Product status

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

Default status

unknown

Any version before *

affected

References

cert-portal.siemens.com/productcert/html/ssa-457702.html

cve.org (CVE-2024-30189)

nvd.nist.gov (CVE-2024-30189)

Download JSON