CVE-2023-29054Inadequate Encryption Strength in Siemens Scalance X200-4p IRT Firmware

CWE-326Inadequate Encryption Strength3 documents3 sources
Severity
7.4HIGHNVD
CNA6.7
EPSS
0.2%
top 63.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
26
Siemens Scalance X200-4p IRT FirmwareSiemens Scalance X201-3p IRT FirmwareSiemens Scalance X201-3p IRT PRO Firmware+23 more
Timeline
PublishedApr 11

Description

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALA

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages26 packages

CVEListV5siemens/scalance_x202-2irtAll versions < V5.5.2
CVEListV5siemens/siplus_net_scalance_x202-2p_irtAll versions < V5.5.2

🔴Vulnerability Details

2
GHSA
GHSA-6488-g94h-5jh6: A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V52023-04-11
CVEList
CVE-2023-29054: A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V52023-04-11
CVE-2023-29054 — Inadequate Encryption Strength | cvebase