CVE-2023-44320

Name of the Vulnerable Software and Affected Versions RUGGEDCOM RM1224 LTE(4G) EU versions < V7.2.2 RUGGEDCOM RM1224 LTE(4G) NAM versions < V7.2.2 SCALANCE M804PB versions < V7.2.2 SCALANCE M812-1 ADSL-Router versions < V7.2.2 SCALANCE M816-1 ADSL-Router versions < V7.2.2 SCALANCE M826-2 SHDSL-Router versions < V7.2.2 SCALANCE M874-2 versions < V7.2.2 SCALANCE M874-3 versions < V7.2.2 SCALANCE M876-3 versions < V7.2.2 SCALANCE M876-4 versions < V7.2.2 SCALANCE MUM853-1 versions < V7.2.2 SCALANCE MUM856-1 versions < V7.2.2 SCALANCE S615 EEC LAN-Router versions < V7.2.2 SCALANCE S615 LAN-Router versions < V7.2.2 SCALANCE WAB762-1 versions < V3.0.0 SCALANCE WAM763-1 versions < V3.0.0 SCALANCE WAM766-1 versions < V3.0.0 SCALANCE WUB762-1 versions < V3.0.0 SCALANCE WUM763-1 versions < V3.0.0 SCALANCE WUM766-1 versions < V3.0.0 SCALANCE XB205-3 versions < V4.5

Description The issue is related to errors in security mechanisms, allowing a remote attacker to modify the user interface. Affected devices do not properly validate authentication when performing certain modifications in the web interface, allowing an authenticated attacker to influence the user interface configured by an administrator.

Recommendations For RUGGEDCOM RM1224 LTE(4G) EU versions < V7.2.2, update to version V7.2.2 or later. For RUGGEDCOM RM1224 LTE(4G) NAM versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE M804PB versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE M812-1 ADSL-Router versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE M816-1 ADSL-Router versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE M826-2 SHDSL-Router versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE M874-2 versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE M874-3 versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE M876-3 versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE M876-4 versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE MUM853-1 versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE MUM856-1 versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE S615 EEC LAN-Router versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE S615 LAN-Router versions < V7.2.2, update to version V7.2.2 or later. For SCALANCE WAB762-1 versions < V3.0.0, update to version V3.0.0 or later. For SCALANCE WAM763-1 versions < V3.0.0, update to version V3.0.0 or later. For SCALANCE WAM766-1 versions < V3.0.0, update to version V3.0.0 or later. For SCALANCE WUB762-1 versions < V3.0.0, update to version V3.0.0 or later. For SCALANCE WUM763-1 versions < V3.0.0, update to version V3.0.0 or later. For SCALANCE WUM766-1 versions < V3.0.0, update to version V3.0.0 or later. For SCALANCE XB205-3 versions < V4.5, update to version V4.5 or later. As a temporary workaround, consider restricting access to the web interface until a patch is available.