CVE-2022-40226: CVE-2022-40226

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-40226

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.10), SICAM T (All versions < V3.0). Affected devices accept user defined session cookies and do not renew the session cookie after login/logout. This could allow an attacker to take over another user's session after login.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

会话固定

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Siemens产品授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Siemens SICAM是德国西门子（Siemens）公司的一个综合变电站自动化系统。 Siemens 多款产品存在安全漏洞，该漏洞源于受影响的设备接受用户定义的会话 cookie，并且不会在登录/注销后更新会话 cookie。这可能允许攻击者在登录后接管另一个用户的会话。Desigo PXM30-1 V02.20.126.11-41版本之前，Desigo PXM30.E V02.20.126.11-41版本之前，Desigo PXM40-1 V02.20.126.11-41版本之前，Desigo PX

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P850	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM P855	All versions < V3.10	-
Siemens	SICAM T	0 ~ V3.0	-

II. Public POCs for CVE-2022-40226

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-40226

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: SICAM P850

Same vendor: Siemens

Same weakness: CWE-384

V. Comments for CVE-2022-40226

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2022-40226

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-40226

III. Intelligence Information for CVE-2022-40226

IV. Related Vulnerabilities

V. Comments for CVE-2022-40226

Leave a comment