PatchSiren cyber security CVE debrief
CVE-2022-47069 Siemens CVE debrief
Siemens, via CISA advisory ICSA-25-044-09, reported that multiple SCALANCE W700 wireless products are affected by CVE-2022-47069, a heap-buffer-overflow in p7zip 16.02 ZIP processing. The advisory was published on 2025-02-11 and revised on 2025-05-06 for typo fixes only. Siemens recommends updating affected products to V3.0.0 or later.
- Vendor: Siemens
- Product: SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-02-11
- Original CVE updated: 2025-05-06
- Advisory published: 2025-02-11
- Advisory updated: 2025-05-06
Who should care
OT/ICS teams operating Siemens SCALANCE WAB/WAM/WUB/WUM wireless devices, plus patch and asset-management teams responsible for archive-processing or firmware-update workflows in industrial environments.
Technical summary
The CVE description ties the issue to p7zip 16.02 and the function NArchive::NZip::CInArchive::FindCd(bool) in CPP/7zip/Archive/Zip/ZipIn.cpp, where a heap-buffer-overflow can occur while processing ZIP archives. Siemens' advisory maps the risk to 19 SCALANCE W700 product variants. The provided CVSS v3.1 vector (AV:L, AC:L, PR:N, UI:R, S:U, C:H, I:H, A:H) indicates local access and user interaction are required, but successful exploitation could have high confidentiality, integrity, and availability impact.
Defensive priority
High. The score is 7.8, the affected product set spans 19 Siemens SCALANCE variants, and a vendor fix is available. In OT environments, prioritize validation and planned maintenance because patching may require operational coordination.
Recommended defensive actions
- Inventory all listed affected SCALANCE models and confirm installed versions against Siemens guidance.
- Update to V3.0.0 or later as recommended by Siemens.
- Use approved OT change windows and validate rollback/backout plans before deployment.
- Reduce exposure of device-management hosts and archive-processing workflows; apply segmentation and defense-in-depth controls from CISA guidance.
- Monitor Siemens/CISA advisory updates and verify no site-specific exceptions remain open.
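One way to run the inventory and version check from the first two actions, as an added example that is not from Siemens, CISA or this page's source. The inventory rows, host names and CSV layout are constructed, and matching on the WAB/WAM/WUB/WUM family prefix is an assumption: confirm each hit against the affected-variant list in SSA-769027.

```python
import csv
import io
import re

FIXED = (3, 0, 0)                        # "Update to V3.0.0 or later" per the advisory
FAMILIES = ("WAB", "WAM", "WUB", "WUM")  # families named on this page (prefix match is an assumption)
MODEL_RE = re.compile(r"\bSCALANCE\s+(W[A-Z]{2})\d", re.I)
VERSION_RE = re.compile(r"^\s*V?(\d+)\.(\d+)(?:\.(\d+))?\s*$", re.I)

# Constructed sample inventory (hypothetical hosts and firmware strings).
SAMPLE = """host,model,firmware
ap-line1,SCALANCE WAB762-1,V2.4.0
ap-line2,SCALANCE WAM766-1,V3.0.0
ap-yard,SCALANCE WUM763-1,2.9
ap-lab,SCALANCE WUB762-1,unknown
sw-core,SCALANCE XC208,V4.1
"""

def parse_version(text):
    """Return (major, minor, patch), or None if the string is not a plain version."""
    m = VERSION_RE.match(text)
    if not m:
        return None
    return tuple(int(part or 0) for part in m.groups())

def triage(inventory_csv):
    """Map each host to out-of-scope, fixed, update-required or verify-manually."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        m = MODEL_RE.search(row["model"])
        if not m or m.group(1).upper() not in FAMILIES:
            status = "out-of-scope"
        else:
            version = parse_version(row["firmware"])
            if version is None:
                # Never assume an unreadable version is patched.
                status = "verify-manually"
            elif version < FIXED:
                status = "update-required"
            else:
                status = "fixed"
        results[row["host"]] = status
    return results

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host:10} {status}")
```

Devices reported as verify-manually should be checked on the device itself before the change window is planned, since an unparsed version string says nothing about patch level.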
Evidence notes
Primary evidence comes from the CISA CSAF advisory ICSA-25-044-09 and Siemens security advisory SSA-769027. The source lists 19 affected SCALANCE product variants, a remediation of 'Update to V3.0.0 or later version,' and the CVSS v3.1 vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The advisory revision history shows the 2025-05-06 update fixed typos only. No KEV entry or known ransomware campaign use was provided in the source corpus.
Official resources
- CVE-2022-47069 CVE record (CVE.org)
- CVE-2022-47069 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed by CISA and Siemens on 2025-02-11; the 2025-05-06 revision corrected typos and did not change the core vulnerability details.