Siemens Scalance X-300 Switch Family vulnerabilities

CVE-2020-15800 [CRITICAL] CWE-122 CVE-2020-15800: A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vul

CVE-2020-28395 [MEDIUM] CWE-321 CVE-2020-28395: A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCAL A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previousl

CVE-2019-13924 [MEDIUM] CWE-693 CVE-2019-13924: A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versi A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versions < V4.1), SCALANCE S623 (All versions < V4.1), SCALANCE S627-2M (All versions < V4.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < 5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5

CVE-2019-6567 [MEDIUM] CWE-257 CVE-2019-6567: A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions < V5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X-414-3E (All versions). The affected devices s

CVE-2018-4833 [HIGH] CWE-122 CVE-2018-4833: A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch

CVE-2018-4848 [MEDIUM] CWE-80 CVE-2018-4848: A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3).

CVE-2018-4842 [MEDIUM] CWE-79 CVE-2018-4842: A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) ( A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). A remote, authenticated attacker with access to the configuration web server could