CVE-2013-4651
01.08.2013, 13:32
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.Enginsight
| Vendor | Product | Version |
|---|---|---|
| siemens | scalance_w700_series_firmware | 𝑥 ≤ 4.4.0 |
| siemens | scalance_w744-1 | - |
| siemens | scalance_w744-1pro | - |
| siemens | scalance_w746-1 | - |
| siemens | scalance_w746-1pro | - |
| siemens | scalance_w747-1 | - |
| siemens | scalance_w747-1rr | - |
| siemens | scalance_w784-1 | - |
| siemens | scalance_w784-1rr | - |
| siemens | scalance_w786-1pro | - |
| siemens | scalance_w786-2pro | - |
| siemens | scalance_w786-2rr | - |
| siemens | scalance_w786-3pro | - |
| siemens | scalance_w788-1pro | - |
| siemens | scalance_w788-1rr | - |
| siemens | scalance_w788-2pro | - |
| siemens | scalance_w788-2rr | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration