CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-26476

A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 5.4

References

https://cert-portal.siemens.com/productcert/pdf/ssa-388239.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-388239.pdf

Products affected by CVE-2022-26476

Siemens » Spectrum Power 4 » Version: N/A

cpe:2.3:a:siemens:spectrum_power_4:-
Siemens » Spectrum Power 7 » Version: N/A

cpe:2.3:a:siemens:spectrum_power_7:-
Siemens » Spectrum Power Microgrid Management System » Version: N/A

cpe:2.3:a:siemens:spectrum_power_microgrid_management_system:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-26476

Products

Pricing

Contact Us