CVE-2022-46353

EUVD-2022-49169

13.12.2022, 16:15

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADP	ADP	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 83%

Affected Products (NVD)

Vendor	Product	Version
siemens	6gk5204-0ba00-2mb2_firmware	𝑥 < 3.2.7
siemens	6gk5204-0ba00-2kb2_firmware	𝑥 < 3.2.7
siemens	6gk5204-0bs00-2na3_firmware	𝑥 < 3.2.7
siemens	6gk5204-0bs00-3la3_firmware	𝑥 < 3.2.7
siemens	6gk5204-0bs00-3pa3_firmware	𝑥 < 3.2.7

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-330 - Use of Insufficiently Random Values
The software uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf