Vulnerability Details CVE-2022-23449
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.4%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 6.9
References
Products affected by CVE-2022-23449
-
cpe:2.3:a:siemens:simatic_energy_manager_basic:*
-
cpe:2.3:a:siemens:simatic_energy_manager_basic:7.3
-
cpe:2.3:a:siemens:simatic_energy_manager_pro:*
-
cpe:2.3:a:siemens:simatic_energy_manager_pro:7.3