CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24532
https://notcve.org/view.php?id=CVE-2025-24532
11 Feb 2025 — A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALA... • https://cert-portal.siemens.com/productcert/html/ssa-769027.html • CWE-284: Improper Access Control •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24499
https://notcve.org/view.php?id=CVE-2025-24499
11 Feb 2025 — A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALA... • https://cert-portal.siemens.com/productcert/html/ssa-769027.html • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 4EXPL: 0CVE-2024-23814
https://notcve.org/view.php?id=CVE-2024-23814
11 Feb 2025 — A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALA... • https://cert-portal.siemens.com/productcert/html/ssa-769027.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.4EPSS: 0%CPEs: 64EXPL: 0CVE-2024-30191
https://notcve.org/view.php?id=CVE-2024-30191
09 Apr 2024 — A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0), SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0), SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0), SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0), SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0... • https://cert-portal.siemens.com/productcert/html/ssa-457702.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 6.1EPSS: 0%CPEs: 64EXPL: 0CVE-2024-30190
https://notcve.org/view.php?id=CVE-2024-30190
09 Apr 2024 — A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0), SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0), SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0), SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0), SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0... • https://cert-portal.siemens.com/productcert/html/ssa-457702.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.1EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46140
https://notcve.org/view.php?id=CVE-2022-46140
13 Dec 2022 — Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system. Los dispositivos afectados utilizan un esquema de cifrado débil para cifrar el archivo zip de depuración. Esto podría permitir a un atacante autenticado descifrar el contenido del archivo y recuperar información de depuración sobre el sistema. • https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.1EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46142
https://notcve.org/view.php?id=CVE-2022-46142
13 Dec 2022 — Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. Los dispositivos afectados almacenan las contraseñas de usuario de CLI cifradas en la memoria flash. Los atacantes con acceso físico al dispositivo podrían recuperar el archivo y descifrar las contraseñas de usuario de la CLI. • https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf • CWE-257: Storing Passwords in a Recoverable Format CWE-522: Insufficiently Protected Credentials •
CVSS: 5.1EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46143
https://notcve.org/view.php?id=CVE-2022-46143
13 Dec 2022 — Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. Los dispositivos afectados no verifican correctamente el tamaño del bloque TFTP. Esto podría permitir que un atacante autenticado lea desde un búfer no inicializado que potencialmente contenga datos previamente asignados. • https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 8.6EPSS: 0%CPEs: 34EXPL: 0CVE-2022-31766
https://notcve.org/view.php?id=CVE-2022-31766
11 Oct 2022 — A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (Al... • https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 408EXPL: 0CVE-2020-26140 – kernel: accepting plaintext data frames in protected networks
https://notcve.org/view.php?id=CVE-2020-26140
11 May 2021 — An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration. Se detectó un problema en el controlador ALFA de Windows 10 versión 6.1316.1209 para AWUS036H. Las implementaciones WEP, WPA, WPA2 y WPA3 aceptan tramas de texto plano en una red Wi-Fi protegida. • http://www.openwall.com/lists/oss-security/2021/05/11/12 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-346: Origin Validation Error •