CVE-2023-29054

11.04.2023, 10:15

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default.

This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data
passed over the connection between legitimate clients and the affected device.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.7 MEDIUM	ADJACENT_NETWORK	HIGH	NONE	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H
siemens	CNA	6.7 MEDIUM				CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H/E:P/RL:U/RC:C
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 27%

Vendor	Product	Version
siemens	scalance_x200-4p_irt_firmware	𝑥 < 5.5.2
siemens	scalance_x201-3p_irt_firmware	𝑥 < 5.5.2
siemens	scalance_x201-3p_irt_pro_firmware	𝑥 < 5.5.2
siemens	scalance_x202-2irt_firmware	𝑥 < 5.5.2
siemens	scalance_x202-2irt_firmware	𝑥 < 5.5.2
siemens	scalance_x202-2p_irt_firmware	𝑥 < 5.5.2
siemens	scalance_x202-2p_irt_pro_firmware	𝑥 < 5.5.2
siemens	scalance_x204irt_firmware	𝑥 < 5.5.2
siemens	scalance_x204irt_firmware	𝑥 < 5.5.2
siemens	scalance_x204irt_pro_firmware	𝑥 < 5.5.2
siemens	scalance_xf201-3p_irt_firmware	𝑥 < 5.5.2
siemens	scalance_xf202-2p_irt_firmware	𝑥 < 5.5.2
siemens	scalance_xf204-2ba_irt_firmware	𝑥 < 5.5.2
siemens	scalance_xf204irt_firmware	𝑥 < 5.5.2
siemens	siplus_net_scalance_x202-2p_irt_firmware	𝑥 < 5.5.2

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-326 - Inadequate Encryption Strength
The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-479249.pdf