CVE-2020-28391 - Vulnerability Details

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00125.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Siemens

SCALANCE X-200 switch family (incl. SIPLUS NET variants)

affected

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)

affected

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X-200RNA switch family

affected

Version	Status	Constraints
`All versions < V3.2.7`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:siemens:scalance_x200-4pirt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x200-4pirt:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:scalance_x201-3pirt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x201-3pirt:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:scalance_x202-2pirt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2pirt:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:scalance_x202-2pirt_siplus_net_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2pirt_siplus_net:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2lh\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2lh\+:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:siemens:scalance_xc208g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:siemens:scalance_xc216-4c_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216-4c_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:siemens:scalance_xc224-4c_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc224-4c_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:siemens:scalance_xf204_dna_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204_dna:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*

Configuration 59 [-]

AND

cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*

Configuration 60 [-]

AND

cpe:2.3:o:siemens:scalance_xp208_\(eip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp208_\(eip\):-:*:*:*:*:*:*:*

Configuration 61 [-]

AND

cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*

Configuration 62 [-]

AND

cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*

Configuration 63 [-]

AND

cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*

Configuration 64 [-]

AND

cpe:2.3:o:siemens:scalance_xp216_\(eip\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp216_\(eip\):-:*:*:*:*:*:*:*

Configuration 65 [-]

AND

cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*

Configuration 66 [-]

AND

cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Siemens Subscribe	Scalance X200-4pirt Subscribe Scalance X200-4pirt Firmware Subscribe Scalance X201-3pirt Subscribe Scalance X201-3pirt Firmware Subscribe Scalance X202-2irt Subscribe Scalance X202-2irt Firmware Subscribe Scalance X202-2pirt Subscribe Scalance X202-2pirt Firmware Subscribe Scalance X202-2pirt Siplus Net Subscribe Scalance X202-2pirt Siplus Net Firmware Subscribe Scalance X204irt Subscribe Scalance X204irt Firmware Subscribe Scalance X307-3 Subscribe Scalance X307-3 Firmware Subscribe Scalance X307-3ld Subscribe Scalance X307-3ld Firmware Subscribe Scalance X308-2 Subscribe Scalance X308-2 Firmware Subscribe Scalance X308-2ld Subscribe Scalance X308-2ld Firmware Subscribe Scalance X308-2lh Subscribe Scalance X308-2lh\+ Subscribe Scalance X308-2lh\+ Firmware Subscribe Scalance X308-2lh Firmware Subscribe Scalance X308-2m Subscribe Scalance X308-2m Firmware Subscribe Scalance X308-2m Ts Subscribe Scalance X308-2m Ts Firmware Subscribe Scalance X310 Subscribe Scalance X310 Firmware Subscribe Scalance X310fe Subscribe Scalance X310fe Firmware Subscribe Scalance X320-1fe Subscribe Scalance X320-1fe Firmware Subscribe Scalance X320-3ldfe Subscribe Scalance X320-3ldfe Firmware Subscribe Scalance Xb205-3 Subscribe Scalance Xb205-3 Firmware Subscribe Scalance Xb205-3ld Subscribe Scalance Xb205-3ld Firmware Subscribe Scalance Xb208 Subscribe Scalance Xb208 Firmware Subscribe Scalance Xb213-3 Subscribe Scalance Xb213-3 Firmware Subscribe Scalance Xb213-3ld Subscribe Scalance Xb213-3ld Firmware Subscribe Scalance Xb216 Subscribe Scalance Xb216 Firmware Subscribe Scalance Xc206-2 Subscribe Scalance Xc206-2 Firmware Subscribe Scalance Xc206-2g Poe Subscribe Scalance Xc206-2g Poe Firmware Subscribe Scalance Xc206-2g Poe Eec Subscribe Scalance Xc206-2g Poe Eec Firmware Subscribe Scalance Xc206-2sfp Subscribe Scalance Xc206-2sfp Eec Subscribe Scalance Xc206-2sfp Eec Firmware Subscribe Scalance Xc206-2sfp Firmware Subscribe Scalance Xc206-2sfp G Subscribe Scalance Xc206-2sfp G \(e\/ip\) Subscribe Scalance Xc206-2sfp G \(e\/ip\) Firmware Subscribe Scalance Xc206-2sfp G Eec Subscribe Scalance Xc206-2sfp G Eec Firmware Subscribe Scalance Xc206-2sfp G Firmware Subscribe Scalance Xc208 Subscribe Scalance Xc208 Firmware Subscribe Scalance Xc208eec Subscribe Scalance Xc208eec Firmware Subscribe Scalance Xc208g Subscribe Scalance Xc208g \(e\/ip\) Subscribe Scalance Xc208g \(e\/ip\) Firmware Subscribe Scalance Xc208g Eec Subscribe Scalance Xc208g Eec Firmware Subscribe Scalance Xc208g Firmware Subscribe Scalance Xc208g Poe Subscribe Scalance Xc208g Poe Firmware Subscribe Scalance Xc216 Subscribe Scalance Xc216-4c Subscribe Scalance Xc216-4c Firmware Subscribe Scalance Xc216-4c G Subscribe Scalance Xc216-4c G \(e\/ip\) Subscribe Scalance Xc216-4c G \(e\/ip\) Firmware Subscribe Scalance Xc216-4c G Eec Subscribe Scalance Xc216-4c G Eec Firmware Subscribe Scalance Xc216-4c G Firmware Subscribe Scalance Xc216 Firmware Subscribe Scalance Xc216eec Subscribe Scalance Xc216eec Firmware Subscribe Scalance Xc224-4c G Subscribe Scalance Xc224-4c G \(e\/ip\) Subscribe Scalance Xc224-4c G \(e\/ip\) Firmware Subscribe Scalance Xc224-4c G Firmware Subscribe Scalance Xc224-4c G Eec Subscribe Scalance Xc224-4c G Eec Firmware Subscribe Scalance Xc224 Subscribe Scalance Xc224 Firmware Subscribe Scalance Xf201-3p Irt Subscribe Scalance Xf201-3p Irt Firmware Subscribe Scalance Xf202-2p Irt Subscribe Scalance Xf202-2p Irt Firmware Subscribe Scalance Xf204 Subscribe Scalance Xf204-2 Subscribe Scalance Xf204-2 Firmware Subscribe Scalance Xf204-2ba Dna Subscribe Scalance Xf204-2ba Dna Firmware Subscribe Scalance Xf204-2ba Irt Subscribe Scalance Xf204-2ba Irt Firmware Subscribe Scalance Xf204 Dna Subscribe Scalance Xf204 Dna Firmware Subscribe Scalance Xf204 Firmware Subscribe Scalance Xf204irt Subscribe Scalance Xf204irt Firmware Subscribe Scalance Xf206-1 Subscribe Scalance Xf206-1 Firmware Subscribe Scalance Xf208 Subscribe Scalance Xf208 Firmware Subscribe Scalance Xp208 Subscribe Scalance Xp208 \(eip\) Subscribe Scalance Xp208 \(eip\) Firmware Subscribe Scalance Xp208 Firmware Subscribe Scalance Xp208eec Subscribe Scalance Xp208eec Firmware Subscribe Scalance Xp208poe Eec Subscribe Scalance Xp208poe Eec Firmware Subscribe Scalance Xp216 Subscribe Scalance Xp216 \(eip\) Subscribe Scalance Xp216 \(eip\) Firmware Subscribe Scalance Xp216 Firmware Subscribe Scalance Xp216eec Subscribe Scalance Xp216eec Firmware Subscribe Scalance Xp216poe Eec Subscribe Scalance Xp216poe Eec Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2020-20850	A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2021-01-12T00:00:00

Updated: 2024-08-04T16:33:59.106Z

Reserved: 2020-11-10T00:00:00

Link: CVE-2020-28391

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-01-12T21:15:18.120

Modified: 2024-11-21T05:22:42.433

Link: CVE-2020-28391

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object