CVE-2022-46142

Name: CVE-2022-46142
Creator: NVD / NIST
Published: 2022-12-13T16:15:25.067+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.2/10EPSS 0.26%

Last modified Jun 17, 2026

CVE-2022-46142 is a medium-severity vulnerability rated 5.2/10 on the CVSS scale. Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.. EPSS estimates a 0.26% chance of exploitation in the next 30 days.

Description

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.

Metrics

CVSS 3.1

5.7/10

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CVSS 4.0

5.2/10

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability

0.26%

17.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Siemens	Ruggedcom Rm1224 Lte\(4g\) Eu Firmware	All versions
Siemens	Ruggedcom Rm1224 Lte\(4g\) Nam Firmware	All versions
Siemens	Scalance M804pb Firmware	All versions
Siemens	Scalance M812-1 Adsl-Router Firmware	All versions
Siemens	Scalance M816-1 Adsl-Router Firmware	All versions
Siemens	Scalance M826-2 Shdsl-Router Firmware	All versions
Siemens	Scalance M874-2 Firmware	All versions
Siemens	Scalance M874-3 Firmware	All versions
Siemens	Scalance M876-3 Firmware	All versions
Siemens	Scalance M876-4 Firmware	All versions
Siemens	Scalance Mum853-1 Firmware	All versions
Siemens	Scalance Mum856-1 Firmware	All versions
Siemens	Scalance S615 Firmware	All versions
Siemens	Scalance S615 Eec Firmware	All versions
Siemens	Scalance Sc622-2c Firmware	< 2.3
Siemens	Scalance Sc626-2c Firmware	< 2.3
Siemens	Scalance Sc632-2c Firmware	< 2.3
Siemens	Scalance Sc636-2c Firmware	< 2.3
Siemens	Scalance Sc642-2c Firmware	< 2.3
Siemens	Scalance Sc646-2c Firmware	< 2.3
Siemens	Scalance W721-1 Rj45 Firmware	All versions
Siemens	Scalance W722-1 Rj45 Firmware	All versions
Siemens	Scalance W734-1 Rj45 Firmware	All versions
Siemens	Scalance W738-1 M12 Firmware	All versions
Siemens	Scalance W748-1 M12 Firmware	All versions
Siemens	Scalance W761-1 Rj45 Firmware	All versions
Siemens	Scalance W774-1 M12 Eec Firmware	All versions
Siemens	Scalance W774-1 M12 Rj45 Firmware	All versions
Siemens	Scalance W774-1 Rj45 Firmware	All versions
Siemens	Scalance W778-1 M12 Firmware	All versions
Siemens	Scalance W778-1 M12 Eec Firmware	All versions
Siemens	Scalance W786-1 Rj45 Firmware	All versions
Siemens	Scalance W786-2 Rj45 Firmware	All versions
Siemens	Scalance W786-2 Sfp Firmware	All versions
Siemens	Scalance W786-2ia Rj45 Firmware	All versions
Siemens	Scalance W788-1 M12 Firmware	All versions
Siemens	Scalance W788-1 Rj45 Firmware	All versions
Siemens	Scalance W788-2 M12 Firmware	All versions
Siemens	Scalance W788-2 M12 Eec Firmware	All versions
Siemens	Scalance W1748-1 M12 Firmware	All versions
Siemens	Scalance W1788-1 M12 Firmware	All versions
Siemens	Scalance W1788-2 Eec M12 Firmware	All versions
Siemens	Scalance W1788-2 M12 Firmware	All versions
Siemens	Scalance W1788-2ia M12 Firmware	All versions
Siemens	Scalance Wam763-1 Firmware	All versions
Siemens	Scalance Wam766-1 Firmware	All versions
Siemens	Scalance Wam766-1 6ghz Firmware	All versions
Siemens	Scalance Wam766-1 Ecc Firmware	All versions
Siemens	Scalance Wum763-1 Firmware	All versions
Siemens	Scalance Wum766-1 Firmware	All versions

Showing 50 of 101 affected configurations. See NVD for the full list.

References

Timeline

Published: Dec 13, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-46142?

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.

How severe is CVE-2022-46142?

CVE-2022-46142 has a CVSS score of 5.2/10 (MEDIUM severity). The EPSS model estimates a 0.26% probability of exploitation in the next 30 days.

How do I fix CVE-2022-46142?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-46142?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST