Lucene search
K

Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3193)

🗓️ 13 Mar 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 9 Views

Siemens SCALANCE X-200RNA Switch exposes sensitive information through OpenSSL vulnerability.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin:Multiple Security Vulnerabilities exist in IBM Cognos Insight
24 Feb 202007:27
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways (CVE-2015-3193, CVE-2015-3195, CVE-2015-1794)
8 Jun 202122:18
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSL affect IBM i
18 Dec 201914:26
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSL affect IBM MQ Light (CVE-2015-3193, CVE-2015-3194)
15 Jun 201807:04
ibm
IBM Security Bulletins
Security Bulletin: Multiple security issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On
16 Jun 201820:01
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in current releases of IBM® SDK for Node.js™
9 Aug 201804:20
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)
5 Feb 202000:53
ibm
IBM Security Bulletins
Security Bulletin: OpenSSL vulnerabilites impacting IBM Aspera Connect 3.7.4 and earlier (CVE-2017-3732, CVE-2016-7055)
24 Apr 202023:19
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSL affect IBM InfoSphere Information Server (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2016-0701)
16 Jun 201814:08
ibm
IBM Security Bulletins
Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos Express.
10 Nov 202212:20
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(503128);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/03/13");

  script_cve_id("CVE-2015-3193");
  script_xref(name:"ICSA", value:"22-349-21");

  script_name(english:"Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3193)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The Montgomery squaring implementation in
crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the
x86_64 platform, as used by the BN_mod_exp function, mishandles carry
propagation and produces incorrect output, which makes it easier for
remote attackers to obtain sensitive private-key information via an
attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman
Ephemeral (DHE) ciphersuite.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf");
  script_set_attribute(attribute:"see_also", value:"https://support.industry.siemens.com/cs/ww/en/view/109814809/");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-21");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3193");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(200);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/12/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/13");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_%28hsr%29_firmware:3.2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_%28prp%29_firmware:3.2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_eec_%28hsr%29_firmware:3.2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_eec_%28prp%29_firmware:3.2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x204rna_eec_%28prp%2fhsr%29_firmware:3.2.7");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:scalance_x204rna_%28hsr%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BA00-2MB2']},
    "cpe:/o:siemens:scalance_x204rna_%28prp%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BA00-2KB2']},
    "cpe:/o:siemens:scalance_x204rna_eec_%28hsr%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BS00-2NA3']},
    "cpe:/o:siemens:scalance_x204rna_eec_%28prp%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BS00-3LA3']},
    "cpe:/o:siemens:scalance_x204rna_eec_%28prp%2fhsr%29_firmware:3.2.7" :
        {"versionEndExcluding" : "3.2.7", "family" : "SCALANCEX200", "orderNumbers" : ['6GK5204-0BS00-3PA3']}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Mar 2025 00:00Current
6.9Medium risk
Vulners AI Score6.9
CVSS 25
CVSS 3.17.5
EPSS0.25137
9