CVE-2020-28391


A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG, the devices use the hardcoded private RSA key shipped with the firmware image. An attacker could leverage this to establish a man-in-the-middle position and decrypt previously captured traffic.


Published

2021-01-12T21:15:18.120

Last Modified

2024-11-21T05:22:42.433

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-321
  • Type: Secondary
    CWE-798

Affected Vendors & Products

| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | siemens | scalance_x200-4pirt_firmware | < 5.5.0 | Yes |
| Hardware | siemens | scalance_x200-4pirt | - | No |
| Operating System | siemens | scalance_x201-3pirt_firmware | < 5.5.0 | Yes |
| Hardware | siemens | scalance_x201-3pirt | - | No |
| Operating System | siemens | scalance_x202-2irt_firmware | < 5.5.0 | Yes |
| Hardware | siemens | scalance_x202-2irt | - | No |
| Operating System | siemens | scalance_x202-2pirt_firmware | < 5.5.0 | Yes |
| Hardware | siemens | scalance_x202-2pirt | - | No |
| Operating System | siemens | scalance_x202-2pirt_siplus_net_firmware | < 5.5.0 | Yes |
| Hardware | siemens | scalance_x202-2pirt_siplus_net | - | No |
| Operating System | siemens | scalance_x204irt_firmware | < 5.5.0 | Yes |
| Hardware | siemens | scalance_x204irt | - | No |
| Operating System | siemens | scalance_x307-3_firmware | * | Yes |
| Hardware | siemens | scalance_x307-3 | - | No |
| Operating System | siemens | scalance_x307-3ld_firmware | * | Yes |
| Hardware | siemens | scalance_x307-3ld | - | No |
| Operating System | siemens | scalance_x308-2_firmware | * | Yes |
| Hardware | siemens | scalance_x308-2 | - | No |
| Operating System | siemens | scalance_x308-2ld_firmware | * | Yes |
| Hardware | siemens | scalance_x308-2ld | - | No |
| Operating System | siemens | scalance_x308-2lh_firmware | * | Yes |
| Hardware | siemens | scalance_x308-2lh | - | No |
| Operating System | siemens | scalance_x308-2lh\+_firmware | * | Yes |
| Hardware | siemens | scalance_x308-2lh\+ | - | No |
| Operating System | siemens | scalance_x308-2m_firmware | * | Yes |
| Hardware | siemens | scalance_x308-2m | - | No |
| Operating System | siemens | scalance_x308-2m_ts_firmware | * | Yes |
| Hardware | siemens | scalance_x308-2m_ts | - | No |
| Operating System | siemens | scalance_x310_firmware | * | Yes |
| Hardware | siemens | scalance_x310 | - | No |
| Operating System | siemens | scalance_x310fe_firmware | * | Yes |
| Hardware | siemens | scalance_x310fe | - | No |
| Operating System | siemens | scalance_x320-1fe_firmware | * | Yes |
| Hardware | siemens | scalance_x320-1fe | - | No |
| Operating System | siemens | scalance_x320-3ldfe_firmware | * | Yes |
| Hardware | siemens | scalance_x320-3ldfe | - | No |
| Operating System | siemens | scalance_xb205-3_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xb205-3 | - | No |
| Operating System | siemens | scalance_xb205-3ld_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xb205-3ld | - | No |
| Operating System | siemens | scalance_xb208_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xb208 | - | No |
| Operating System | siemens | scalance_xb213-3_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xb213-3 | - | No |
| Operating System | siemens | scalance_xb213-3ld_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xb213-3ld | - | No |
| Operating System | siemens | scalance_xb216_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xb216 | - | No |
| Operating System | siemens | scalance_xc206-2_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc206-2 | - | No |
| Operating System | siemens | scalance_xc206-2g_poe__firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc206-2g_poe_ | - | No |
| Operating System | siemens | scalance_xc206-2g_poe_eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc206-2g_poe_eec | - | No |
| Operating System | siemens | scalance_xc206-2sfp_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc206-2sfp | - | No |
| Operating System | siemens | scalance_xc206-2sfp_eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc206-2sfp_eec | - | No |
| Operating System | siemens | scalance_xc206-2sfp_g_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc206-2sfp_g | - | No |
| Operating System | siemens | scalance_xc206-2sfp_g_\(e\/ip\)_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc206-2sfp_g_\(e\/ip\) | - | No |
| Operating System | siemens | scalance_xc206-2sfp_g_eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc206-2sfp_g_eec | - | No |
| Operating System | siemens | scalance_xc208_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc208 | - | No |
| Operating System | siemens | scalance_xc208eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc208eec | - | No |
| Operating System | siemens | scalance_xc208g_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc208g | - | No |
| Operating System | siemens | scalance_xc208g_\(e\/ip\)_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc208g_\(e\/ip\) | - | No |
| Operating System | siemens | scalance_xc208g_eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc208g_eec | - | No |
| Operating System | siemens | scalance_xc208g_poe_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc208g_poe | - | No |
| Operating System | siemens | scalance_xc216_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc216 | - | No |
| Operating System | siemens | scalance_xc216-4c_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc216-4c | - | No |
| Operating System | siemens | scalance_xc216-4c_g_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc216-4c_g | - | No |
| Operating System | siemens | scalance_xc216-4c_g_\(e\/ip\)_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc216-4c_g_\(e\/ip\) | - | No |
| Operating System | siemens | scalance_xc216-4c_g_eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc216-4c_g_eec | - | No |
| Operating System | siemens | scalance_xc216eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc216eec | - | No |
| Operating System | siemens | scalance_xc224-4c_g__firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc224-4c_g_ | - | No |
| Operating System | siemens | scalance_xc224-4c_g_\(e\/ip\)_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc224-4c_g_\(e\/ip\) | - | No |
| Operating System | siemens | scalance_xc224-4c_g_eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc224-4c_g_eec | - | No |
| Operating System | siemens | scalance_xc224__firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xc224_ | - | No |
| Operating System | siemens | scalance_xf201-3p_irt_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf201-3p_irt | - | No |
| Operating System | siemens | scalance_xf202-2p_irt_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf202-2p_irt | - | No |
| Operating System | siemens | scalance_xf204_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf204 | - | No |
| Operating System | siemens | scalance_xf204-2_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf204-2 | - | No |
| Operating System | siemens | scalance_xf204-2ba_dna_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf204-2ba_dna | - | No |
| Operating System | siemens | scalance_xf204-2ba_irt_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf204-2ba_irt | - | No |
| Operating System | siemens | scalance_xf204_dna_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf204_dna | - | No |
| Operating System | siemens | scalance_xf204irt_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf204irt | - | No |
| Operating System | siemens | scalance_xf206-1_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf206-1 | - | No |
| Operating System | siemens | scalance_xf208_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xf208 | - | No |
| Operating System | siemens | scalance_xp208_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xp208 | - | No |
| Operating System | siemens | scalance_xp208_\(eip\)_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xp208_\(eip\) | - | No |
| Operating System | siemens | scalance_xp208eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xp208eec | - | No |
| Operating System | siemens | scalance_xp208poe_eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xp208poe_eec | - | No |
| Operating System | siemens | scalance_xp216_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xp216 | - | No |
| Operating System | siemens | scalance_xp216_\(eip\)_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xp216_\(eip\) | - | No |
| Operating System | siemens | scalance_xp216eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xp216eec | - | No |
| Operating System | siemens | scalance_xp216poe_eec_firmware | < 5.2.5 | Yes |
| Hardware | siemens | scalance_xp216poe_eec | - | No |
