CVSS: 7.2EPSS: 0%CPEs: 138EXPL: 0CVE-2023-44317
https://notcve.org/view.php?id=CVE-2023-44317
Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device. Se ha identificado una vulnerabilidad en: SCALANCE XB205-3 (SC, PN) (V < 4.5), SCALANCE XB205-3 (ST, E/IP) (V < 4.5), SCALANCE XB205-3 (ST , E/IP) (V < 4.5), SCALANCE XB205-3 (ST, PN) (V < 4.5), SCALANCE XB205-3LD (SC, E/IP) (V < 4.5 ), SCALANCE XB205-3LD (SC, PN) (V < 4.5), SCALANCE XB208 (E/IP) (V < 4.5), SCALANCE XB208 (PN) (V < 4.5), SCALANCE XB213-3 (SC, E/IP) (V < 4.5), SCALANCE XB213-3 (SC, PN) (V < 4.5), SCALANCE XB213-3 (ST, E/IP) ( V < 4.5), SCALANCE XB213-3 (ST, PN) (V < 4.5), SCALANCE XB213-3LD (SC, E/IP) (V < 4.5), SCALANCE XB213-3LD (SC, PN) (V < 4.5), SCALANCE XB216 (E/IP) (V < 4.5), SCALANCE XB216 (PN) (V < 4.5), SCALANCE XC206-2 (SC ) (V < 4.5), SCALANCE XC206-2 (ST/BFOC) (V < 4.5), SCALANCE XC206-2G PoE (V < 4.5), SCALANCE XC206-2G PoE (54 V DC) (V < 4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (V < 4.5), SCALANCE XC206-2SFP (V < 4.5), SCALANCE XC206-2SFP EEC ( V < 4.5), SCALANCE XC206-2SFP G (V < 4.5), SCALANCE XC206-2SFP G (EIP DEF.) (V < 4.5), SCALANCE XC206-2SFP G EEC (V < 4.5), SCALANCE XC208 (V < 4.5), SCALANCE XC208EEC (V < 4.5), SCALANCE XC208G (V < 4.5), SCALANCE XC208G (EIP def.) (V < 4.5), SCALANCE XC208G EEC (V < 4.5), SCALANCE XC208G PoE (V < 4.5), SCALANCE XC208G PoE (54 V DC) (V < 4.5), SCALANCE XC216 (V < 4.5), SCALANCE XC216-3G PoE (V < 4.5), SCALANCE XC216-3G PoE (54 V DC) (V < 4.5), SCALANCE XC216-4C (V < 4. 5), SCALANCE XC216-4C G (V < 4.5), SCALANCE XC216-4C G (EIP Def.) (V < 4.5), SCALANCE XC216-4C G EEC (V < 4.5) , SCALANCE XC216EEC (V < 4.5), SCALANCE XC224 (V < 4.5), SCALANCE XC224-4C G (V < 4.5), SCALANCE XC224-4C G (EIP Def.) • https://cert-portal.siemens.com/productcert/html/ssa-068047.html https://cert-portal.siemens.com/productcert/html/ssa-602936.html https://cert-portal.siemens.com/productcert/html/ssa-699386.html https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf https://cert-portal.siemens.com/productcert/html/ssa-690517.html • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVSS: 7.4EPSS: 0%CPEs: 30EXPL: 0CVE-2023-29054
https://notcve.org/view.php?id=CVE-2023-29054
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device. • https://cert-portal.siemens.com/productcert/pdf/ssa-479249.pdf • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46140
https://notcve.org/view.php?id=CVE-2022-46140
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system. Los dispositivos afectados utilizan un esquema de cifrado débil para cifrar el archivo zip de depuración. Esto podría permitir a un atacante autenticado descifrar el contenido del archivo y recuperar información de depuración sobre el sistema. • https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.7EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46142
https://notcve.org/view.php?id=CVE-2022-46142
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. Los dispositivos afectados almacenan las contraseñas de usuario de CLI cifradas en la memoria flash. Los atacantes con acceso físico al dispositivo podrían recuperar el archivo y descifrar las contraseñas de usuario de la CLI. • https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf • CWE-257: Storing Passwords in a Recoverable Format CWE-522: Insufficiently Protected Credentials •
CVSS: 2.7EPSS: 0%CPEs: 202EXPL: 0CVE-2022-46143
https://notcve.org/view.php?id=CVE-2022-46143
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. Los dispositivos afectados no verifican correctamente el tamaño del bloque TFTP. Esto podría permitir que un atacante autenticado lea desde un búfer no inicializado que potencialmente contenga datos previamente asignados. • https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf https://cert-portal.siemens.com/productcert/html/ssa-413565.html https://cert-portal.siemens.com/productcert/html/ssa-180704.html • CWE-1284: Improper Validation of Specified Quantity in Input •