Lucene search
K

55 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-16126

Malware in sbrugna...

5.5CVSS5.5AI score0.00301EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/26 12:0 a.m.38 views

Siemens Multiple RTOS Integer Overflow or Wraparound (CVE-2020-35198)

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption...

9.8CVSS8AI score0.0244EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/04/26 12:0 a.m.42 views

Siemens Multiple RTOS Integer Overflow or Wraparound (CVE-2020-28895)

In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. SCALANCE X-200, X-200IRT, and X-300...

7.5CVSS7.7AI score0.01475EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/04/21 12:0 a.m.24 views

Siemens SCALANCE X-200IRT Devices Inadequate Encryption Strength (CVE-2023-29054)

A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...

7.4CVSS7.2AI score0.00256EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.25 views

Siemens SCALANCE X-200IRT User Impersonation (CVE-2015-1049)

The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors. Products with the following MLFBs are affected: 6GK5201-3BH00-2BA3 6GK5200-4AH00-2BA3 6GK5202-2BB00-2BA3 6GK5204-0BA00-2BA3 6GK5201-3JR00-2BA6...

6.8CVSS5.5AI score0.01698EPSS
Exploits0References3
ICS
ICS
added 2023/04/11 12:0 a.m.38 views

Siemens SCALANCE X-200IRT Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.4CVSS7AI score0.00256EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.31 views

Siemens SCALANCE X Switches Use of Hard-Coded Cryptographic Key (CVE-2020-28391)

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X-200RNA switch family All versions V3.2.7. Devices create a new unique key upon factory reset...

5.9CVSS6.8AI score0.01119EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/03/03 12:0 a.m.6 views

The vulnerability of the C-PLUG memory module in industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 allows a intruder to gain increased privileges.

The vulnerability of the C-PLUG memory module in industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 is related to the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability can allow an attacker operating remotely to enhance their privileges...

9.4CVSS6.8AI score0.01119EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/03 12:0 a.m.4 views

The vulnerability of the web server of industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 lies in the absence of authentication for a critical function, allowing a perpetrator to restart the vulnerable device.

The vulnerability of the web server of industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 is related to the absence of authentication for critical functions. Exploiting this vulnerability allows a remote attacker to reboot the vulnerable device...

7.8CVSS6.9AI score0.0108EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/03 12:0 a.m.5 views

The vulnerability of the web server of industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 arises from the possibility of executing operations outside the buffer in memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the web server of industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 lies in the fact that the operation results are stored outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a...

10CVSS8.1AI score0.01907EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2021/01/12 9:15 p.m.28 views

CVE-2020-15800

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.0. The webserver of t...

9.8CVSS9.4AI score0.01652EPSS
Exploits0References1
NVD
NVD
added 2021/01/12 9:15 p.m.30 views

CVE-2020-15799

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The vulnerability could allow an unauthenticated attacker to reboot the device over the network by usin...

7.1CVSS7.1AI score0.0108EPSS
Exploits0References1
NVD
NVD
added 2021/01/12 9:15 p.m.43 views

CVE-2020-25226

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The web server of the affected devices contains a vulnerability that may lead to a buffer overflow...

10CVSS9.6AI score0.01907EPSS
Exploits0References1
OSV
OSV
added 2021/01/12 9:15 p.m.3 views

CVE-2020-15799

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The vulnerability could allow an unauthenticated attacker to reboot the device over the network by usin...

6.5CVSS6.8AI score0.0108EPSS
Exploits0References1
OSV
OSV
added 2021/01/12 9:15 p.m.5 views

CVE-2020-25226

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The web server of the affected devices contains a vulnerability that may lead to a buffer overflow...

9.8CVSS6.1AI score0.01907EPSS
Exploits0References1
Prion
Prion
added 2021/01/12 9:15 p.m.22 views

Design/Logic Flaw

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.0. The webserver of t...

9.3CVSS9.3AI score0.01652EPSS
Exploits0References1Affected Software54
Prion
Prion
added 2021/01/12 9:15 p.m.26 views

Hardcoded credentials

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X-200RNA switch family All versions V3.2.7. Devices create a new unique key upon factory reset...

4.3CVSS5.4AI score0.01119EPSS
Exploits0References2Affected Software54
Prion
Prion
added 2021/01/12 9:15 p.m.24 views

Design/Logic Flaw

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The vulnerability could allow an unauthenticated attacker to reboot the device over the network by usin...

7.1CVSS7AI score0.0108EPSS
Exploits0References1Affected Software54
CVE
CVE
added 2021/01/12 8:18 p.m.78 views

CVE-2020-25226

Siemens SCALANCE X products are affected by CVE-2020-25226: heap-based/buffer overflow in the devices’ web server. Affected: SCALANCE X-200 (incl. SIPLUS NET) below v5.2.5, SCALANCE X-200IRT below v5.5.0, and SCALANCE X-300 below v4.1.0 (X-300 also affected by CVE-2020-15800 per ICS advisory). Ex...

10CVSS9.3AI score0.01907EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/01/12 8:18 p.m.36 views

CVE-2020-25226

A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The web server of the affected devices contains a vulnerability that may lead to a buffer overflow...

9.5AI score0.01907EPSS
Exploits0References1
Rows per page
Query Builder