PT-2022-20026 · Siemens · Sicam Gridedge Essential Arm+3
Published
2022-06-14
·
Updated
2025-11-12
·
CVE-2022-30230
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SICAM GridEdge Essential ARM versions prior to V2.6.6
SICAM GridEdge Essential Intel versions prior to V2.6.6
SICAM GridEdge Essential with GDS ARM versions prior to V2.6.6
SICAM GridEdge Essential with GDS Intel versions prior to V2.6.6
Description
The issue allows an unauthenticated attacker to create a new user with administrative permissions because the affected software does not require authenticated access for privileged functions.
Recommendations
For SICAM GridEdge Essential ARM versions prior to V2.6.6, update to version V2.6.6 or later.
For SICAM GridEdge Essential Intel versions prior to V2.6.6, update to version V2.6.6 or later.
For SICAM GridEdge Essential with GDS ARM versions prior to V2.6.6, update to version V2.6.6 or later.
For SICAM GridEdge Essential with GDS Intel versions prior to V2.6.6, update to version V2.6.6 or later.
Fix
LPE
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sicam Gridedge Essential Arm
Sicam Gridedge Essential Intel
Sicam Gridedge Essential With Gds Arm
Sicam Gridedge Essential With Gds Intel