Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2023-44318.NASLHistoryJan 08, 2024 - 12:00 a.m.
Siemens SCALANCE Use of Hard-coded Cryptographic Key (CVE-2023-44318)
2024-01-0800:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
siemens scalance
hardcoded key
cryptographic
vulnerability
attacker
configuration backup
administrative privileges
tenable.ot
scanner
5.9 Medium
AI Score
Confidence
High
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL- Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the exported file.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501867);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/21");
script_cve_id("CVE-2023-44318");
script_name(english:"Siemens SCALANCE Use of Hard-coded Cryptographic Key (CVE-2023-44318)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU,
RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-
Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE
M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B),
SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3,
SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4,
SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU),
SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615,
SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST,
E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN),
SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE
XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP),
SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE
XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD
(SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2
(SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE
XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE
XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE
XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208,
SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.),
SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V
DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54
V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G
(EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE
XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE
XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE
XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208
(Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE
XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE
XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG
(24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG
(without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE
XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG
(24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V),
SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC
24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP,
SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected
devices use a hardcoded key to obfuscate the configuration backup that
an administrator can export from the device. This could allow an
authenticated attacker with administrative privileges or an attacker
that obtains a configuration backup to extract configuration
information from the exported file.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:M/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-44318");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(321);
script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/14");
script_set_attribute(attribute:"patch_publication_date", value:"2023/11/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/01/08");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb205-3_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb205-3ld_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb208_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb213-3_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb213-3ld_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb216_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2g_poe_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2g_poe_eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_g_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_g_eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_poe_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_3g_poe_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_4c_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_4c_g_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_4c_g_eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224_4c_g_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224_4c_g_eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_dna_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_2ba_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_2ba_dna_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208poe_eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216poe_eec_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr324wg_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr326-2c_poe_wg_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr328-4c_wg_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc206-2_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc206-2sfp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc208_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc216-4c_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m804pb_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rm1224_lte_firmware");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Siemens");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Siemens');
var asset = tenable_ot::assets::get(vendor:'Siemens');
var vuln_cpes = {
"cpe:/o:siemens:scalance_xb205-3_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5205-3BB00-2AB2","6GK5205-3BB00-2TB2","6GK5205-3BD00-2TB2","6GK5205-3BD00-2AB2"]},
"cpe:/o:siemens:scalance_xb205-3ld_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5205-3BF00-2TB2","6GK5205-3BF00-2AB2"]},
"cpe:/o:siemens:scalance_xb208_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0BA00-2TB2","6GK5208-0BA00-2AB2"]},
"cpe:/o:siemens:scalance_xb213-3_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5213-3BD00-2TB2","6GK5213-3BD00-2AB2","6GK5213-3BB00-2TB2","6GK5213-3BB00-2AB2"]},
"cpe:/o:siemens:scalance_xb213-3ld_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5213-3BF00-2TB2","6GK5213-3BF00-2AB2"]},
"cpe:/o:siemens:scalance_xb216_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0BA00-2TB2","6GK5216-0BA00-2AB2"]},
"cpe:/o:siemens:scalance_xc206-2_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2BD00-2AC2","6GK5206-2BB00-2AC2"]},
"cpe:/o:siemens:scalance_xc206-2g_poe_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2RS00-2AC2","6GK5206-2RS00-5AC2"]},
"cpe:/o:siemens:scalance_xc206-2g_poe_eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2RS00-5FC2"]},
"cpe:/o:siemens:scalance_xc206-2sfp_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2BS00-2AC2"]},
"cpe:/o:siemens:scalance_xc206-2sfp_eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2BS00-2FC2"]},
"cpe:/o:siemens:scalance_xc206-2sfp_g_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2GS00-2AC2","6GK5206-2GS00-2TC2"]},
"cpe:/o:siemens:scalance_xc206-2sfp_g_eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2GS00-2FC2"]},
"cpe:/o:siemens:scalance_xc208_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0BA00-2AC2"]},
"cpe:/o:siemens:scalance_xc208eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0BA00-2FC2"]},
"cpe:/o:siemens:scalance_xc208g_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0GA00-2AC2","6GK5208-0GA00-2TC2"]},
"cpe:/o:siemens:scalance_xc208g_eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0GA00-2FC2"]},
"cpe:/o:siemens:scalance_xc208g_poe_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0RA00-2AC2","6GK5208-0RA00-5AC2"]},
"cpe:/o:siemens:scalance_xc216_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0BA00-2AC2"]},
"cpe:/o:siemens:scalance_xc216_3g_poe_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-3RS00-2AC2","6GK5216-3RS00-5AC2"]},
"cpe:/o:siemens:scalance_xc216_4c_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-4BS00-2AC2"]},
"cpe:/o:siemens:scalance_xc216_4c_g_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-4GS00-2AC2","6GK5216-4GS00-2TC2"]},
"cpe:/o:siemens:scalance_xc216_4c_g_eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-4GS00-2FC2"]},
"cpe:/o:siemens:scalance_xc216eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0BA00-2FC2"]},
"cpe:/o:siemens:scalance_xc224_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5224-0BA00-2AC2"]},
"cpe:/o:siemens:scalance_xc224_4c_g_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5224-4GS00-2AC2","6GK5224-4GS00-2TC2"]},
"cpe:/o:siemens:scalance_xc224_4c_g_eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5224-4GS00-2FC2"]},
"cpe:/o:siemens:scalance_xf204_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5204-0BA00-2GF2"]},
"cpe:/o:siemens:scalance_xf204_dna_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5204-0BA00-2YF2"]},
"cpe:/o:siemens:scalance_xf204_2ba_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5204-2AA00-2GF2"]},
"cpe:/o:siemens:scalance_xf204_2ba_dna_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5204-2AA00-2YF2"]},
"cpe:/o:siemens:scalance_xp208_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0HA00-2AS6","6GK5208-0HA00-2TS6"]},
"cpe:/o:siemens:scalance_xp208eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0HA00-2ES6"]},
"cpe:/o:siemens:scalance_xp208poe_eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0UA00-5ES6"]},
"cpe:/o:siemens:scalance_xp216_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0HA00-2AS6","6GK5216-0HA00-2TS6"]},
"cpe:/o:siemens:scalance_xp216eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0HA00-2ES6"]},
"cpe:/o:siemens:scalance_xp216poe_eec_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0UA00-5ES6"]},
"cpe:/o:siemens:scalance_xr324wg_firmware:-" :
{"family" : "SCALANCEX300", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5324-0BA00-3AR3","6GK5324-0BA00-2AR3"]},
"cpe:/o:siemens:scalance_xr326-2c_poe_wg_firmware:-" :
{"family" : "SCALANCEX300", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5326-2QS00-3AR3","6GK5326-2QS00-3RR3"]},
"cpe:/o:siemens:scalance_xr328-4c_wg_firmware:-" :
{"family" : "SCALANCEX300", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5328-4FS00-3AR3","6GK5328-4FS00-3RR3","6GK5328-4FS00-2AR3","6GK5328-4FS00-2RR3","6GK5328-4SS00-3AR3","6GK5328-4SS00-2AR3"]},
"cpe:/o:siemens:siplus_net_scalance_xc206-2_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6AG1206-2BB00-7AC2"]},
"cpe:/o:siemens:siplus_net_scalance_xc206-2sfp_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6AG1206-2BS00-7AC2"]},
"cpe:/o:siemens:siplus_net_scalance_xc208_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6AG1208-0BA00-7AC2"]},
"cpe:/o:siemens:siplus_net_scalance_xc216-4c_firmware:-" :
{"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6AG1216-4BS00-7AC2"]},
"cpe:/o:siemens:scalance_m804pb_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5804-0AP00-2AA2"]},
"cpe:/o:siemens:scalance_m812-1_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5812-1AA00-2AA2","6GK5812-1BA00-2AA2"]},
"cpe:/o:siemens:scalance_m816-1_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5816-1AA00-2AA2","6GK5816-1BA00-2AA2"]},
"cpe:/o:siemens:scalance_m826-2_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5826-2AB00-2AB2"]},
"cpe:/o:siemens:scalance_m874-2_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5874-2AA00-2AA2"]},
"cpe:/o:siemens:scalance_m874-3_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5874-3AA00-2AA2"]},
"cpe:/o:siemens:scalance_m876-3_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5876-3AA02-2BA2","6GK5876-3AA02-2EA2"]},
"cpe:/o:siemens:scalance_m876-4_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5876-4AA10-2BA2","6GK5876-4AA00-2BA2","6GK5876-4AA00-2DA2"]},
"cpe:/o:siemens:scalance_mum853-1_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5853-2EA00-2DA1"]},
"cpe:/o:siemens:scalance_mum856-1_firmware" :
{"family" : "SCALANCEM", "orderNumbers": ["6GK5856-2EA00-3DA1","6GK5856-2EA00-3AA1"]},
"cpe:/o:siemens:scalance_s615_firmware" :
{"family" : "SCALANCES", "orderNumbers": ["6GK5615-0AA00-2AA2"]},
"cpe:/o:siemens:scalance_s615_eec_firmware" :
{"family" : "SCALANCES", "orderNumbers": ["6GK5615-0AA01-2AA2"]},
"cpe:/o:siemens:ruggedcom_rm1224_lte_firmware" :
{"family" : "RuggedCom", "orderNumbers": ["6GK6108-4AM00-2BA2", "6GK6108-4AM00-2DA2"]}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | scalance_xb205-3_firmware | - | cpe:/o:siemens:scalance_xb205-3_firmware:- |
| siemens | scalance_xb205-3ld_firmware | - | cpe:/o:siemens:scalance_xb205-3ld_firmware:- |
| siemens | scalance_xb208_firmware | - | cpe:/o:siemens:scalance_xb208_firmware:- |
| siemens | scalance_xb213-3_firmware | - | cpe:/o:siemens:scalance_xb213-3_firmware:- |
| siemens | scalance_xb213-3ld_firmware | - | cpe:/o:siemens:scalance_xb213-3ld_firmware:- |
| siemens | scalance_xb216_firmware | - | cpe:/o:siemens:scalance_xb216_firmware:- |
| siemens | scalance_xc206-2_firmware | - | cpe:/o:siemens:scalance_xc206-2_firmware:- |
| siemens | scalance_xc206-2g_poe_firmware | - | cpe:/o:siemens:scalance_xc206-2g_poe_firmware:- |
| siemens | scalance_xc206-2g_poe_eec_firmware | - | cpe:/o:siemens:scalance_xc206-2g_poe_eec_firmware:- |
| siemens | scalance_xc206-2sfp_firmware | - | cpe:/o:siemens:scalance_xc206-2sfp_firmware:- |
Related
cve
cve
CVE-2023-44318
2023-11-14 11:15:12
prion
prion
Hardcoded credentials
2023-11-14 11:15:00
cnvd
cnvd
Multiple Siemens products use hard-coded encryption key vulnerability
2023-11-15 00:00:00
ics
ics
Siemens SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family
2024-03-14 12:00:00
Siemens RUGGEDCOM and SCALANCE M-800/S615 Family
2023-12-14 12:00:00
Siemens SCALANCE Family Products
2023-11-16 12:00:00