// For flags

CVE-2023-29054

 

Severity Score

7.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default.

This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data
passed over the connection between legitimate clients and the affected device.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-03-30 CVE Reserved
  • 2023-04-11 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-11-01 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-326: Inadequate Encryption Strength
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
Scalance X200-4p Irt Firmware
Search vendor "Siemens" for product "Scalance X200-4p Irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X200-4p Irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X200-4p Irt
Search vendor "Siemens" for product "Scalance X200-4p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X201-3p Irt Firmware
Search vendor "Siemens" for product "Scalance X201-3p Irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X201-3p Irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X201-3p Irt
Search vendor "Siemens" for product "Scalance X201-3p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X201-3p Irt Pro Firmware
Search vendor "Siemens" for product "Scalance X201-3p Irt Pro Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X201-3p Irt Pro Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X201-3p Irt Pro
Search vendor "Siemens" for product "Scalance X201-3p Irt Pro"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X202-2irt Firmware
Search vendor "Siemens" for product "Scalance X202-2irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X202-2irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X202-2irt
Search vendor "Siemens" for product "Scalance X202-2irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X202-2irt Firmware
Search vendor "Siemens" for product "Scalance X202-2irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X202-2irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X202-2irt
Search vendor "Siemens" for product "Scalance X202-2irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X202-2p Irt Firmware
Search vendor "Siemens" for product "Scalance X202-2p Irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X202-2p Irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X202-2p Irt
Search vendor "Siemens" for product "Scalance X202-2p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X202-2p Irt Pro Firmware
Search vendor "Siemens" for product "Scalance X202-2p Irt Pro Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X202-2p Irt Pro Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X202-2p Irt Pro
Search vendor "Siemens" for product "Scalance X202-2p Irt Pro"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204irt Firmware
Search vendor "Siemens" for product "Scalance X204irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X204irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204irt
Search vendor "Siemens" for product "Scalance X204irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204irt Firmware
Search vendor "Siemens" for product "Scalance X204irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X204irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204irt
Search vendor "Siemens" for product "Scalance X204irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204irt Pro Firmware
Search vendor "Siemens" for product "Scalance X204irt Pro Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance X204irt Pro Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204irt Pro
Search vendor "Siemens" for product "Scalance X204irt Pro"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf201-3p Irt Firmware
Search vendor "Siemens" for product "Scalance Xf201-3p Irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance Xf201-3p Irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf201-3p Irt
Search vendor "Siemens" for product "Scalance Xf201-3p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf202-2p Irt Firmware
Search vendor "Siemens" for product "Scalance Xf202-2p Irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance Xf202-2p Irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf202-2p Irt
Search vendor "Siemens" for product "Scalance Xf202-2p Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf204-2ba Irt Firmware
Search vendor "Siemens" for product "Scalance Xf204-2ba Irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance Xf204-2ba Irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf204-2ba Irt
Search vendor "Siemens" for product "Scalance Xf204-2ba Irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf204irt Firmware
Search vendor "Siemens" for product "Scalance Xf204irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Scalance Xf204irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf204irt
Search vendor "Siemens" for product "Scalance Xf204irt"
--
Safe
Siemens
Search vendor "Siemens"
Siplus Net Scalance X202-2p Irt Firmware
Search vendor "Siemens" for product "Siplus Net Scalance X202-2p Irt Firmware"
< 5.5.2
Search vendor "Siemens" for product "Siplus Net Scalance X202-2p Irt Firmware" and version " < 5.5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Siplus Net Scalance X202-2p Irt
Search vendor "Siemens" for product "Siplus Net Scalance X202-2p Irt"
--
Safe