CVE-2020-28395Use of Hard-coded Cryptographic Key in Siemens Scalance Xr324-12m Firmware

CWE-321Use of Hard-coded Cryptographic KeyCWE-798Hard-coded Credentials3 documents3 sources
Severity
5.9MEDIUMNVD
EPSS
0.2%
top 63.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Siemens Scalance Xr324-12m FirmwareSiemens Scalance Xr324-12m TS FirmwareSiemens Scalance Xr324-4m EEC Firmware+7 more
Timeline
PublishedJan 12
Latest updateMay 24

Description

A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages10 packages

CVEListV5siemens/scalance_x-200rna_switch_familyAll versions < V3.2.7
CVEListV5siemens/scalance_x-300_switch_familyAll versions < V4.1.0

🔴Vulnerability Details

2
GHSA
GHSA-vfw8-4p7f-cjjh: A vulnerability has been identified in SCALANCE X-300 switch family (incl2022-05-24
CVEList
CVE-2020-28395: A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V32021-01-12
CVE-2020-28395 — Use of Hard-coded Cryptographic Key | cvebase