CVE-2020-28391

🗓️ 12 Jan 2021 00:00:00Reported by siemensType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 101 Views

CVE-2020-28391: Vulnerability in SCALANCE X-200, X-200IRT, X-200RNA switche

Reporter	Title	Published	Views	Family All 14
BDU FSTEC	The vulnerability of the C-PLUG memory module in industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 allows a intruder to gain increased privileges.	3 Mar 202100:00	–	bdu_fstec
Circl	CVE-2020-28391	13 Jan 202100:47	–	circl
CNNVD	Siemens SCALANCE X-200 信任管理问题问题漏洞	12 Jan 202100:00	–	cnnvd
CNVD	Scalance X Products Hard-Coded Encryption Key Vulnerability	13 Jan 202100:00	–	cnvd
Cvelist	CVE-2020-28391	12 Jan 202100:00	–	cvelist
EUVD	EUVD-2020-20850	7 Oct 202500:30	–	euvd
ICS	Siemens SCALANCE X Switches (Update B)	12 Jan 202100:00	–	ics
NCSC	Vulnerabilities fixed in Siemens Scalance products	12 Jan 202100:00	–	ncsc
NCSC	Vulnerabilities fixed in Siemens products.	14 Sep 202100:00	–	ncsc
NCSC	Vulnerabilities fixed in Siemens products	13 Dec 202200:00	–	ncsc

NVD

Node

siemens scalance_x200-4pirt_firmwareRange<5.5.0

AND

siemens scalance_x200-4pirtMatch-

Node

siemens scalance_x201-3pirt_firmwareRange<5.5.0

AND

siemens scalance_x201-3pirtMatch-

Node

siemens scalance_x202-2irt_firmwareRange<5.5.0

AND

siemens scalance_x202-2irtMatch-

Node

siemens scalance_x202-2pirt_firmwareRange<5.5.0

AND

siemens scalance_x202-2pirtMatch-

Node

siemens scalance_x202-2pirt_siplus_net_firmwareRange<5.5.0

AND

siemens scalance_x202-2pirt_siplus_netMatch-

Node

siemens scalance_x204irt_firmwareRange<5.5.0

AND

siemens scalance_x204irtMatch-

Node

siemens scalance_x307-3_firmware

AND

siemens scalance_x307-3Match-

Node

siemens scalance_x307-3ld_firmware

AND

siemens scalance_x307-3ldMatch-

Node

siemens scalance_x308-2_firmware

AND

siemens scalance_x308-2Match-

Node

siemens scalance_x308-2ld_firmware

AND

siemens scalance_x308-2ldMatch-

Node

siemens scalance_x308-2lh_firmware

AND

siemens scalance_x308-2lhMatch-

Node

siemens scalance_x308-2lh+_firmware

AND

siemens scalance_x308-2lh+Match-

Node

siemens scalance_x308-2m_firmware

AND

siemens scalance_x308-2mMatch-

Node

siemens scalance_x308-2m_ts_firmware

AND

siemens scalance_x308-2m_tsMatch-

Node

siemens scalance_x310_firmware

AND

siemens scalance_x310Match-

Node

siemens scalance_x310fe_firmware

AND

siemens scalance_x310feMatch-

Node

siemens scalance_x320-1fe_firmware

AND

siemens scalance_x320-1feMatch-

Node

siemens scalance_x320-3ldfe_firmware

AND

siemens scalance_x320-3ldfeMatch-

Node

siemens scalance_xb205-3_firmwareRange<5.2.5

AND

siemens scalance_xb205-3Match-

Node

siemens scalance_xb205-3ld_firmwareRange<5.2.5

AND

siemens scalance_xb205-3ldMatch-

Node

siemens scalance_xb208_firmwareRange<5.2.5

AND

siemens scalance_xb208Match-

Node

siemens scalance_xb213-3_firmwareRange<5.2.5

AND

siemens scalance_xb213-3Match-

Node

siemens scalance_xb213-3ld_firmwareRange<5.2.5

AND

siemens scalance_xb213-3ldMatch-

Node

siemens scalance_xb216_firmwareRange<5.2.5

AND

siemens scalance_xb216Match-

Node

siemens scalance_xc206-2_firmwareRange<5.2.5

AND

siemens scalance_xc206-2Match-

Node

siemens scalance_xc206-2g_poe__firmwareRange<5.2.5

AND

siemens scalance_xc206-2g_poe_Match-

Node

siemens scalance_xc206-2g_poe_eec_firmwareRange<5.2.5

AND

siemens scalance_xc206-2g_poe_eecMatch-

Node

siemens scalance_xc206-2sfp_firmwareRange<5.2.5

AND

siemens scalance_xc206-2sfpMatch-

Node

siemens scalance_xc206-2sfp_eec_firmwareRange<5.2.5

AND

siemens scalance_xc206-2sfp_eecMatch-

Node

siemens scalance_xc206-2sfp_g_firmwareRange<5.2.5

AND

siemens scalance_xc206-2sfp_gMatch-

Node

siemens scalance_xc206-2sfp_g_(e/ip)_firmwareRange<5.2.5

AND

siemens scalance_xc206-2sfp_g_(e/ip)Match-

Node

siemens scalance_xc206-2sfp_g_eec_firmwareRange<5.2.5

AND

siemens scalance_xc206-2sfp_g_eecMatch-

Node

siemens scalance_xc208_firmwareRange<5.2.5

AND

siemens scalance_xc208Match-

Node

siemens scalance_xc208eec_firmwareRange<5.2.5

AND

siemens scalance_xc208eecMatch-

Node

siemens scalance_xc208g_firmwareRange<5.2.5

AND

siemens scalance_xc208gMatch-

Node

siemens scalance_xc208g_(e/ip)_firmwareRange<5.2.5

AND

siemens scalance_xc208g_(e/ip)Match-

Node

siemens scalance_xc208g_eec_firmwareRange<5.2.5

AND

siemens scalance_xc208g_eecMatch-

Node

siemens scalance_xc208g_poe_firmwareRange<5.2.5

AND

siemens scalance_xc208g_poeMatch-

Node

siemens scalance_xc216_firmwareRange<5.2.5

AND

siemens scalance_xc216Match-

Node

siemens scalance_xc216-4c_firmwareRange<5.2.5

AND

siemens scalance_xc216-4cMatch-

Node

siemens scalance_xc216-4c_g_firmwareRange<5.2.5

AND

siemens scalance_xc216-4c_gMatch-

Node

siemens scalance_xc216-4c_g_(e/ip)_firmwareRange<5.2.5

AND

siemens scalance_xc216-4c_g_(e/ip)Match-

Node

siemens scalance_xc216-4c_g_eec_firmwareRange<5.2.5

AND

siemens scalance_xc216-4c_g_eecMatch-

Node

siemens scalance_xc216eec_firmwareRange<5.2.5

AND

siemens scalance_xc216eecMatch-

Node

siemens scalance_xc224-4c_g__firmwareRange<5.2.5

AND

siemens scalance_xc224-4c_g_Match-

Node

siemens scalance_xc224-4c_g_(e/ip)_firmwareRange<5.2.5

AND

siemens scalance_xc224-4c_g_(e/ip)Match-

Node

siemens scalance_xc224-4c_g_eec_firmwareRange<5.2.5

AND

siemens scalance_xc224-4c_g_eecMatch-

Node

siemens scalance_xc224__firmwareRange<5.2.5

AND

siemens scalance_xc224_Match-

Node

siemens scalance_xf201-3p_irt_firmwareRange<5.2.5

AND

siemens scalance_xf201-3p_irtMatch-

Node

siemens scalance_xf202-2p_irt_firmwareRange<5.2.5

AND

siemens scalance_xf202-2p_irtMatch-

Node

siemens scalance_xf204_firmwareRange<5.2.5

AND

siemens scalance_xf204Match-

Node

siemens scalance_xf204-2_firmwareRange<5.2.5

AND

siemens scalance_xf204-2Match-

Node

siemens scalance_xf204-2ba_dna_firmwareRange<5.2.5

AND

siemens scalance_xf204-2ba_dnaMatch-

Node

siemens scalance_xf204-2ba_irt_firmwareRange<5.2.5

AND

siemens scalance_xf204-2ba_irtMatch-

Node

siemens scalance_xf204_dna_firmwareRange<5.2.5

AND

siemens scalance_xf204_dnaMatch-

Node

siemens scalance_xf204irt_firmwareRange<5.2.5

AND

siemens scalance_xf204irtMatch-

Node

siemens scalance_xf206-1_firmwareRange<5.2.5

AND

siemens scalance_xf206-1Match-

Node

siemens scalance_xf208_firmwareRange<5.2.5

AND

siemens scalance_xf208Match-

Node

siemens scalance_xp208_firmwareRange<5.2.5

AND

siemens scalance_xp208Match-

Node

siemens scalance_xp208_(eip)_firmwareRange<5.2.5

AND

siemens scalance_xp208_(eip)Match-

Node

siemens scalance_xp208eec_firmwareRange<5.2.5

AND

siemens scalance_xp208eecMatch-

Node

siemens scalance_xp208poe_eec_firmwareRange<5.2.5

AND

siemens scalance_xp208poe_eecMatch-

Node

siemens scalance_xp216_firmwareRange<5.2.5

AND

siemens scalance_xp216Match-

Node

siemens scalance_xp216_(eip)_firmwareRange<5.2.5

AND

siemens scalance_xp216_(eip)Match-

Node

siemens scalance_xp216eec_firmwareRange<5.2.5

AND

siemens scalance_xp216eecMatch-

Node

siemens scalance_xp216poe_eec_firmwareRange<5.2.5

AND

siemens scalance_xp216poe_eecMatch-

[
  {
    "vendor": "Siemens",
    "product": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)",
    "versions": [
      {
        "version": "All versions < V5.2.5",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
    "versions": [
      {
        "version": "All versions < V5.5.0",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE X-200RNA switch family",
    "versions": [
      {
        "version": "All versions < V3.2.7",
        "status": "affected"
      }
    ]
  }
]

Source	Link
us-cert	www.us-cert.cisa.gov/ics/advisories/icsa-21-012-02
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf

17 Jun 2026 03:10Current

5.4Medium risk

Vulners AI Score5.4

CVSS 24.3

CVSS 3.15.9

EPSS0.01119