Vulnerabilities > Siemens > Scalance Wum766 1 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-46140 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products
Affected devices use a weak encryption scheme to encrypt the debug zip file.
network
low complexity
siemens CWE-327
6.5
2022-12-13 CVE-2022-46142 Storing Passwords in a Recoverable Format vulnerability in Siemens products
Affected devices store the CLI user passwords encrypted in flash memory.
low complexity
siemens CWE-257
5.7
2022-12-13 CVE-2022-46143 Improper Validation of Specified Quantity in Input vulnerability in Siemens products
Affected devices do not check the TFTP blocksize correctly.
network
low complexity
siemens CWE-1284
2.7
2022-10-11 CVE-2022-31766 Improper Input Validation vulnerability in Siemens products
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0).
network
low complexity
siemens CWE-20
8.6
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5
2021-05-11 CVE-2020-26140 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H.
6.5