Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-44317

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.

Published

2023-11-14T11:15:12.067

Last Modified

2025-01-14T11:15:13.027

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses
  • Type: Primary
    CWE-349
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System siemens scalance_xb208_\(e\/ip\)_firmware - Yes
Hardware siemens scalance_xb208_\(e\/ip\) - No
Operating System siemens scalance_xb208_\(pn\)_firmware - Yes
Hardware siemens scalance_xb208_\(pn\) - No
Operating System siemens scalance_xb216_\(e\/ip\)_firmware - Yes
Hardware siemens scalance_xb216_\(e\/ip\) - No
Operating System siemens scalance_xb216_\(pn\)_firmware - Yes
Hardware siemens scalance_xb216_\(pn\) - No
Operating System siemens scalance_xc206-2_\(sc\)_firmware - Yes
Hardware siemens scalance_xc206-2_\(sc\) - No
Operating System siemens scalance_xc206-2_\(st\/bfoc\)_firmware - Yes
Hardware siemens scalance_xc206-2_\(st\/bfoc\) - No
Operating System siemens scalance_xc206-2g_poe_firmware - Yes
Hardware siemens scalance_xc206-2g_poe - No
Operating System siemens scalance_xc206-2g_poe_\(54_v_dc\)_firmware - Yes
Hardware siemens scalance_xc206-2g_poe_\(54_v_dc\) - No
Operating System siemens scalance_xc206-2g_poe_eec_\(54_v_dc\)_firmware - Yes
Hardware siemens scalance_xc206-2g_poe_eec_\(54_v_dc\) - No
Operating System siemens scalance_xc206-2sfp_firmware - Yes
Hardware siemens scalance_xc206-2sfp - No
Operating System siemens scalance_xc206-2sfp_eec_firmware - Yes
Hardware siemens scalance_xc206-2sfp_eec - No
Operating System siemens scalance_xc206-2sfp_g_firmware - Yes
Hardware siemens scalance_xc206-2sfp_g - No
Operating System siemens scalance_xc206-2sfp_g_\(eip_def.\)_firmware - Yes
Hardware siemens scalance_xc206-2sfp_g_\(eip_def.\) - No
Operating System siemens scalance_xc206-2sfp_g_eec_firmware - Yes
Hardware siemens scalance_xc206-2sfp_g_eec - No
Operating System siemens scalance_xc208_firmware - Yes
Hardware siemens scalance_xc208 - No
Operating System siemens scalance_xc208eec_firmware - Yes
Hardware siemens scalance_xc208eec - No
Operating System siemens scalance_xc208g_firmware - Yes
Hardware siemens scalance_xc208g - No
Operating System siemens scalance_xc208g_\(eip_def.\)_firmware - Yes
Hardware siemens scalance_xc208g_\(eip_def.\) - No
Operating System siemens scalance_xc208g_eec_firmware - Yes
Hardware siemens scalance_xc208g_eec - No
Operating System siemens scalance_xc208g_poe_firmware - Yes
Hardware siemens scalance_xc208g_poe - No
Operating System siemens scalance_xc208g_poe_\(54_v_dc\)_firmware - Yes
Hardware siemens scalance_xc208g_poe_\(54_v_dc\) - No
Operating System siemens scalance_xc216_firmware - Yes
Hardware siemens scalance_xc216 - No
Operating System siemens scalance_xc216-3g_poe_firmware - Yes
Hardware siemens scalance_xc216-3g_poe - No
Operating System siemens scalance_xc216-3g_poe_\(54_v_dc\)_firmware - Yes
Hardware siemens scalance_xc216-3g_poe_\(54_v_dc\) - No
Operating System siemens scalance_xc216-4c_firmware - Yes
Hardware siemens scalance_xc216-4c - No
Operating System siemens scalance_xc216-4c_g_firmware - Yes
Hardware siemens scalance_xc216-4c_g - No
Operating System siemens scalance_xc216-4c_g_\(eip_def.\)_firmware - Yes
Hardware siemens scalance_xc216-4c_g_\(eip_def.\) - No
Operating System siemens scalance_xc216-4c_g_eec_firmware - Yes
Hardware siemens scalance_xc216-4c_g_eec - No
Operating System siemens scalance_xc216eec_firmware - Yes
Hardware siemens scalance_xc216eec - No
Operating System siemens scalance_xc224_firmware - Yes
Hardware siemens scalance_xc224 - No
Operating System siemens scalance_xc224-4c_g_firmware - Yes
Hardware siemens scalance_xc224-4c_g - No
Operating System siemens scalance_xc224-4c_g_\(eip_def.\)_firmware - Yes
Hardware siemens scalance_xc224-4c_g_\(eip_def.\) - No
Operating System siemens scalance_xc224-4c_g_eec_firmware - Yes
Hardware siemens scalance_xc224-4c_g_eec - No
Operating System siemens scalance_xf204_firmware - Yes
Hardware siemens scalance_xf204 - No
Operating System siemens scalance_xf204_dna_firmware - Yes
Hardware siemens scalance_xf204_dna - No
Operating System siemens scalance_xf204-2ba_firmware - Yes
Hardware siemens scalance_xf204-2ba - No
Operating System siemens scalance_xf204-2ba_dna_firmware - Yes
Hardware siemens scalance_xf204-2ba_dna - No
Operating System siemens scalance_xp208_firmware - Yes
Hardware siemens scalance_xp208 - No
Operating System siemens scalance_xp208_\(ethernet\/ip\)_firmware - Yes
Hardware siemens scalance_xp208_\(ethernet\/ip\) - No
Operating System siemens scalance_xp208eec_firmware - Yes
Hardware siemens scalance_xp208eec - No
Operating System siemens scalance_xp208poe_eec_firmware - Yes
Hardware siemens scalance_xp208poe_eec - No
Operating System siemens scalance_xp216_firmware - Yes
Hardware siemens scalance_xp216 - No
Operating System siemens scalance_xp216_\(ethernet\/ip\)_firmware - Yes
Hardware siemens scalance_xp216_\(ethernet\/ip\) - No
Operating System siemens scalance_xp216eec_firmware - Yes
Hardware siemens scalance_xp216eec - No
Operating System siemens scalance_xp216poe_eec_firmware - Yes
Hardware siemens scalance_xp216poe_eec - No
Operating System siemens scalance_xr326-2c_poe_wg_firmware - Yes
Hardware siemens scalance_xr326-2c_poe_wg - No
Operating System siemens scalance_xr326-2c_poe_wg_\(without_ul\)_firmware - Yes
Hardware siemens scalance_xr326-2c_poe_wg_\(without_ul\) - No
Operating System siemens siplus_net_scalance_xc206-2_firmware - Yes
Hardware siemens siplus_net_scalance_xc206-2 - No
Operating System siemens siplus_net_scalance_xc206-2sfp_firmware - Yes
Hardware siemens siplus_net_scalance_xc206-2sfp - No
Operating System siemens siplus_net_scalance_xc208_firmware - Yes
Hardware siemens siplus_net_scalance_xc208 - No
Operating System siemens siplus_net_scalance_xc216-4c_firmware - Yes
Hardware siemens siplus_net_scalance_xc216-4c - No
Operating System siemens scalance_xb205-3_\(sc\,_pn\)_firmware - Yes
Hardware siemens scalance_xb205-3_\(sc\,_pn\) - No
Operating System siemens scalance_xb205-3_\(st\,_e\/ip\)_firmware - Yes
Hardware siemens scalance_xb205-3_\(st\,_e\/ip\) - No
Operating System siemens scalance_xb205-3_\(st\,_pn\)_firmware - Yes
Hardware siemens scalance_xb205-3_\(st\,_pn\) - No
Operating System siemens scalance_xb205-3ld_\(sc\,_e\/ip\)_firmware - Yes
Hardware siemens scalance_xb205-3ld_\(sc\,_e\/ip\) - No
Operating System siemens scalance_xb205-3ld_\(sc\,_pn\)_firmware - Yes
Hardware siemens scalance_xb205-3ld_\(sc\,_pn\) - No
Operating System siemens scalance_xb213-3_\(sc\,_e\/ip\)_firmware - Yes
Hardware siemens scalance_xb213-3_\(sc\,_e\/ip\) - No
Operating System siemens scalance_xb213-3_\(sc\,_pn\)_firmware - Yes
Hardware siemens scalance_xb213-3_\(sc\,_pn\) - No
Operating System siemens scalance_xb213-3_\(st\,_e\/ip\)_firmware - Yes
Hardware siemens scalance_xb213-3_\(st\,_e\/ip\) - No
Operating System siemens scalance_xb213-3_\(st\,_pn\)_firmware - Yes
Hardware siemens scalance_xb213-3_\(st\,_pn\) - No
Operating System siemens scalance_xb213-3ld_\(sc\,_e\/ip\)_firmware - Yes
Hardware siemens scalance_xb213-3ld_\(sc\,_e\/ip\) - No
Operating System siemens scalance_xb213-3ld_\(sc\,_pn\)_firmware - Yes
Hardware siemens scalance_xb213-3ld_\(sc\,_pn\) - No
Operating System siemens scalance_xr324wg_\(24_x_fe\,_ac_230v\)_firmware - Yes
Hardware siemens scalance_xr324wg_\(24_x_fe\,_ac_230v\) - No
Operating System siemens scalance_xr324wg_\(24_x_fe\,_dc_24v\)_firmware - Yes
Hardware siemens scalance_xr324wg_\(24_x_fe\,_dc_24v\) - No
Operating System siemens scalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\)_firmware - Yes
Hardware siemens scalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\) - No
Operating System siemens scalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\)_firmware - Yes
Hardware siemens scalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\) - No
Operating System siemens scalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\)_firmware - Yes
Hardware siemens scalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\) - No
Operating System siemens scalance_xr328-4c_wg_\(28xge\,_ac_230v\)_firmware - Yes
Hardware siemens scalance_xr328-4c_wg_\(28xge\,_ac_230v\) - No
Operating System siemens scalance_xr328-4c_wg_\(28xge\,_dc_24v\)_firmware - Yes
Hardware siemens scalance_xr328-4c_wg_\(28xge\,_dc_24v\) - No
References