CVE-2022-46140

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 13, 2022

Updated: Jan 14, 2025

CWE ID 327

Summary

CVE-2022-46140 is a vulnerability affecting certain devices that use a weak encryption scheme to secure debug zip files. This weakness enables authenticated attackers to decrypt the contents of the file and gain access to sensitive debug information about the system. The potential impact includes unauthorized inspection of system details, which could lead to further security compromises. The vulnerability poses a risk to the confidentiality of information and requires immediate attention for appropriate patching and encryption strengthening.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/pEG8F5
https://www.cve.org/CVERecord?id=CVE-2022-46140
https://nvd.nist.gov/vuln/detail/CVE-2022-46140

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners

CVE-2022-46140

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations