CVE-2022-36324
https://notcve.org/view.php?id=CVE-2022-36324
Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack. Los dispositivos afectados no manejan adecuadamente la renegociación de los parámetros SSL/TLS. Esto podría permitir a un atacante remoto no autenticado eludir la prevención de fuerza bruta de TCP y provocar una condición de denegación de servicio mientras dure el ataque • https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-36323
https://notcve.org/view.php?id=CVE-2022-36323
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Los dispositivos afectados no sanean correctamente un campo de entrada. Esto podría permitir a un atacante remoto autenticado con privilegios administrativos inyectar código o generar un shell de raíz del sistema • https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2020-28395
https://notcve.org/view.php?id=CVE-2020-28395
A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic. Se ha identificado una vulnerabilidad en la familia de switch SCALANCE X-300 (incluidas las variantes X408 y SIPLUS NET) (todas las versiones anteriores a V4.1.0). • https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02 • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •