CVE-2022-34464 MEDIUM

CVE-2022-34464

Vendor Siemens

Product SICAM GridEdge (Classic)

Weakness CWE-552 · Files accessible externally

Published July 12, 2022

Last update November 12, 2025

View on NVD All CVEs

CVSS base score

6.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that file.

Key dates

02Disclosure timeline

July 12, 2022 CVE published

November 12, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-34464 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/552.html

Related vulnerabilities

CVE-2022-34464

01Description

02Disclosure timeline

03References

04Related CVE