CVE-2022-31766 Information

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2) RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2) SCALANCE M804PB (All versions < V7.1.2) SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2) SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2) SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2) SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2) SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2) SCALANCE M874-2 (All versions < V7.1.2) SCALANCE M874-3 (All versions < V7.1.2) SCALANCE M876-3 (EVDO) (All versions < V7.1.2) SCALANCE M876-3 (ROK) (All versions < V7.1.2) SCALANCE M876-4 (EU) (All versions < V7.1.2) SCALANCE M876-4 (NAM) (All versions < V7.1.2) SCALANCE MUM853-1 (EU) (All versions < V7.1.2) SCALANCE MUM856-1 (EU) (All versions < V7.1.2) SCALANCE MUM856-1 (RoW) (All versions < V7.1.2) SCALANCE S615 (All versions < V7.1.2) SCALANCE WAM763-1 (All versions >= V1.1.0) SCALANCE WAM766-1 (All versions >= V1.1.0) SCALANCE WAM766-1 (All versions >= V1.1.0) SCALANCE WAM766-1 6GHz (All versions >= V1.1.0) SCALANCE WAM766-1 EEC (All versions >= V1.1.0) SCALANCE WAM766-1 EEC (All versions >= V1.1.0) SCALANCE WAM766-1 EEC 6GHz (All versions >= V1.1.0) SCALANCE WUM763-1 (All versions >= V1.1.0) SCALANCE WUM763-1 (All versions >= V1.1.0) SCALANCE WUM766-1 (All versions >= V1.1.0) SCALANCE WUM766-1 (All versions >= V1.1.0) SCALANCE WUM766-1 6GHz (All versions >= V1.1.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service and reboot the device thus possibly affecting other network resources.

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf