PT-2022-4149 · Siemens · Scalance Xm-400+9

Published: 2022-08-09 · Updated: 2023-06-27 · CVE-2022-36323

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

SCALANCE M-800 / S615 versions prior to V2.3.1
SCALANCE SC-600 family versions prior to V2.3.1
SCALANCE W-1700 IEEE 802.11ac version not specified
SCALANCE W-700 IEEE 802.11ax version not specified
SCALANCE W-700 IEEE 802.11n version not specified
SCALANCE XB-200 switch family version not specified
SCALANCE XC-200 switch family version not specified
SCALANCE XF-200BA switch family version not specified
SCALANCE XM-400 Family version not specified
SCALANCE XP-200 switch family version not specified
SCALANCE XR-300WG switch family version not specified
SCALANCE XR-500 Family version not specified

Description

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

Recommendations

For SCALANCE M-800 / S615 versions prior to V2.3.1, update to version V2.3.1 or later.
For SCALANCE SC-600 family versions prior to V2.3.1, update to version V2.3.1 or later.
For the other affected devices, there is currently no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Special Elements Injection

Related Identifiers

BDU:2022-04992
CVE-2022-36323

Affected Products

Scalance M-800
Scalance S615
Scalance Sc-600
Scalance W-1700
Scalance W-700
Scalance X-200
Scalance Xf-200Ba
Scalance Xm-400
Scalance Xr-300Wg
Scalance Xr-500