CVE-2022-34464

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.3). Affected software uses an improperly protected file to import SSH keys. Attackers with access to the filesystem of the host on which SICAM GridEdge runs, are able to inject a custom SSH key to that file.
References
Configurations

Configuration 1

cpe:2.3:a:siemens:sicam_gridedge_essential_gds_intel:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sicam_gridedge_essential_gds_arm:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sicam_gridedge_essential_intel:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sicam_gridedge_essential_arm:-:*:*:*:*:*:*:*

Information

Published : 2022-07-12 10:15

Updated : 2022-07-19 07:07


NVD link : CVE-2022-34464

Mitre link : CVE-2022-34464

Products Affected
No products.
CWE