
CVE-2020-28395

nvd nist
Published: Jan 12, 2021
Modified: Nov 21, 2024

CVSS score: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.2 / Impact: 3.6
Source: NVD

Description

A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this to create a man-in-the-middle situation and decrypt previously captured traffic.

Affected (8)

8 products
Scalance Xr324 12m Firmware
Scalance Xr324 12m Ts Firmware
Scalance Xr324 4m Eec Firmware
Scalance Xr324 4m Poe Firmware
Scalance Xr324 4m Poe Ts Firmware
Scalance Xr324wg Firmware
Scalance Xr326 2c Poe Wg Firmware
Scalance Xr328 4c Wg Firmware
Configuration A (1 vulnerable · 1 platform)
Vulnerable software, affected versions: Before 4.1.0
Running on/with platform: Siemens Scalance Xr324 12m, all versions

Configuration B (1 vulnerable · 1 platform)
Vulnerable software, affected versions: Before 4.1.0
Running on/with platform: Siemens Scalance Xr324 12m Ts, all versions

Configuration C (1 vulnerable · 1 platform)
Vulnerable software, affected versions: Before 4.1.0
Running on/with platform: Siemens Scalance Xr324 4m Eec, all versions

Configuration D (1 vulnerable · 1 platform)
Vulnerable software, affected versions: Before 4.1.0
Running on/with platform: Siemens Scalance Xr324 4m Poe, all versions

Configuration E (1 vulnerable · 1 platform)
Vulnerable software, affected versions: Before 4.1.0
Running on/with platform: Siemens Scalance Xr324 4m Poe Ts, all versions

Configuration F (1 vulnerable · 1 platform)
Vulnerable software, affected versions: Before 4.1.0
Running on/with platform: Siemens Scalance Xr324wg, all versions

Configuration G (1 vulnerable · 1 platform)
Vulnerable software, affected versions: Before 4.1.0
Running on/with platform: Siemens Scalance Xr326 2c Poe Wg, all versions

Configuration H (1 vulnerable · 1 platform)
Vulnerable software, affected versions: Before 4.1.0
Running on/with platform: Siemens Scalance Xr328 4c Wg, all versions

References (4)

Source: productcert@siemens.com
Vendor Advisory
Source: productcert@siemens.com
Third Party Advisory, US Government Resource, Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory, US Government Resource, Vendor Advisory

Timeline

No history available yet.