CVE-2020-15800
First published: Tue Jan 12 2021(Updated: )
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SCALANCE X200-4PIRT | <5.5.0 | |
| Siemens SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3) | ||
| Siemens SCALANCE X201-3P IRT Firmware | <5.5.0 | |
| Siemens Scalance X201-3P IRT Pro Firmware | ||
| Siemens SCALANCE X202-2P IRT firmware | <5.5.0 | |
| Siemens SCALANCE X202-2IRT | ||
| Siemens SCALANCE X202-2PIRT SIPLUS NET Firmware | <5.5.0 | |
| Siemens SCALANCE X202-2P IRT SIPLUS NET | ||
| Siemens SIPLUS NET SCALANCE X202-2P IRT | <5.5.0 | |
| Siemens SCALANCE X202-2P IRT SIPLUS NET | ||
| Siemens Scalance X204 IRT Firmware | <5.5.0 | |
| Siemens Scalance X-200IRT | ||
| Siemens Scalance X307-3LD | ||
| Siemens SCALANCE X307-3 | ||
| Siemens Scalance X307-3LD | ||
| Siemens Scalance X307-3LD | ||
| Siemens SIPLUS NET SCALANCE X308-2 firmware | ||
| Siemens Scalance X308-2M PoE | ||
| Siemens Scalance X308-2LD | ||
| Siemens Scalance X308-2LD | ||
| Siemens Scalance X308-2LH | ||
| Siemens Scalance X308-2LH | ||
| Siemens Scalance X308-2LH+ Firmware | ||
| Siemens Scalance X308-2LH+ | ||
| Siemens Scalance X308-2M | ||
| Siemens Scalance X308-2M Firmware | ||
| Siemens Scalance X308-2M PoE | ||
| Siemens SCALANCE X308-2M TS (6GK5308-2GG00-2CA2) | ||
| Siemens Scalance X310 | ||
| Siemens Scalance X310 | ||
| Siemens Scalance X310FE | ||
| Siemens Scalance X310FE | ||
| Siemens Scalance X320-1FE | ||
| Siemens SCALANCE X320-1FE | ||
| Siemens Scalance X320-3LDFE Firmware | ||
| Siemens Scalance X320-3LDFE Firmware | ||
| Siemens Scalance XB205-3LD | <5.2.5 | |
| Siemens Scalance XB205-3LD | ||
| Siemens Scalance XB205-3LD | <5.2.5 | |
| Siemens Scalance XB205-3 | ||
| Siemens Scalance XB208 | <5.2.5 | |
| Siemens Scalance XB208 | ||
| Siemens Scalance XB213-3 | <5.2.5 | |
| Siemens Scalance XB213-3LD Firmware | ||
| Siemens SCALANCE XB213-3LD (SC, E/IP) Firmware | <5.2.5 | |
| Siemens SCALANCE XB213-3 LD (SC, E/IP) | ||
| Siemens Scalance XB216 | <5.2.5 | |
| Siemens Scalance XB216 Firmware | ||
| Siemens SCALANCE XC206-2 (SC) Firmware | <5.2.5 | |
| Siemens Scalance XC206-2 Firmware | ||
| Siemens Scalance XC206-2G PoE | <5.2.5 | |
| Siemens SCALANCE XC206-2G PoE (54 V DC) | ||
| Siemens SCALANCE XC206-2G PoE EEC (54V DC) Firmware | <5.2.5 | |
| Siemens SCALANCE XC206-2G PoE EEC (54V DC) Firmware | ||
| Siemens Scalance XC206-2SFP G (E/IP) Firmware | <5.2.5 | |
| Siemens Scalance XC206-2SFP Firmware | ||
| Siemens Siplus Net Scalance XC206-2SFP | <5.2.5 | |
| Siemens Scalance XC206-2SFP EEC Firmware | ||
| Siemens SCALANCE XC206-2SFP G | <5.2.5 | |
| Siemens Scalance XC206-2SFP | ||
| Siemens Scalance XC206-2SFP G (E/IP) Firmware | <5.2.5 | |
| Siemens Scalance XC206-2SFP G (E/IP) | ||
| Siemens Siplus Net Scalance XC206-2SFP Firmware | <5.2.5 | |
| Siemens Scalance XC206-2SFP G EEC Firmware | ||
| Siemens Siplus Net Scalance XC208 Firmware | <5.2.5 | |
| Siemens Siplus Net Scalance XC208 | ||
| Siemens SCALANCE XC208 EEC Firmware | <5.2.5 | |
| Siemens SCALANCE XC208 EEC Firmware | ||
| Siemens Scalance XC208G (E/IP) | <5.2.5 | |
| Siemens Scalance XC208G (E/IP) | ||
| Siemens Scalance XC208G (E/IP) Firmware | <5.2.5 | |
| Siemens Scalance XC208G (E/IP) | ||
| Siemens SCALANCE XC208G (EIP DEF.) | <5.2.5 | |
| Siemens Scalance XC208G (E/IP) | ||
| Siemens SCALANCE XC208G Firmware | <5.2.5 | |
| Siemens SCALANCE XC208G PoE (54 V DC) | ||
| Siemens Scalance XC216EEC Firmware | <5.2.5 | |
| Siemens SCALANCE XC216-3G PoE (54 V DC) | ||
| Siemens SCALANCE XC216-4C G Firmware | <5.2.5 | |
| Siemens Scalance XC216-4C Firmware | ||
| Siemens Scalance XC216-4C G (E/IP) Firmware | <5.2.5 | |
| Siemens Scalance XC216-4C G (E/IP) | ||
| Siemens Scalance XC216-4C G (E/IP) | <5.2.5 | |
| Siemens Scalance XC216-4C G (E/IP) | ||
| Siemens Scalance XC216-4C G EEC | <5.2.5 | |
| Siemens Scalance XC216-4C Firmware | ||
| Siemens Scalance XC216EEC | <5.2.5 | |
| Siemens Scalance XC216EEC Firmware | ||
| Siemens Scalance XC224-4C G EEC Firmware | <5.2.5 | |
| Siemens SCALANCE XC224-4C G (EIP DEF.) Firmware | ||
| Siemens Scalance XC224-4C G (E/IP) Firmware | <5.2.5 | |
| Siemens Scalance XC224-4C G (E/IP) | ||
| Siemens Scalance XC224-4C G (E/IP) Firmware | <5.2.5 | |
| Siemens Scalance XC224-4C G (E/IP) Firmware | ||
| Siemens Scalance Xc224 Firmware | <5.2.5 | |
| Siemens SCALANCE XC224-4C G | ||
| Siemens Scalance XF201-3P IRT | <5.2.5 | |
| Siemens SCALANCE XF201-3P IRT | ||
| Siemens Scalance XF202-2P IRT | <5.2.5 | |
| Siemens SCALANCE XF202-2P IRT | ||
| Siemens Scalance XF204 Firmware | <5.2.5 | |
| Siemens Scalance XF204-2 Firmware | ||
| Siemens Scalance XF204-2 Firmware | <5.2.5 | |
| Siemens SCALANCE XF204-2 | ||
| Siemens Scalance XF204-2BA DNA | <5.2.5 | |
| Siemens Scalance XF204-2BA DNA | ||
| Siemens Scalance XF204-2BA IRT | <5.2.5 | |
| Siemens SCALANCE XF204IRT | ||
| Siemens Scalance XF204 DNA | <5.2.5 | |
| Siemens Scalance XF204 DNA | ||
| Siemens SCALANCE XF204IRT | <5.2.5 | |
| Siemens SCALANCE XF204IRT | ||
| Siemens Scalance XF206-1 | <5.2.5 | |
| Siemens SCALANCE XF206-1 | ||
| Siemens Scalance XF208 | <5.2.5 | |
| Siemens SCALANCE XF208 | ||
| Siemens SCALANCE XP208 (Ethernet/IP) | <5.2.5 | |
| Siemens Scalance XP208 (EIP) | ||
| Siemens Scalance XP208 (EIP) Firmware | <5.2.5 | |
| Siemens Scalance XP208 (EIP) | ||
| Siemens Scalance XP208EEC | <5.2.5 | |
| Siemens SCALANCE XP208PoE EEC | ||
| Siemens SCALANCE XP208PoE EEC | <5.2.5 | |
| Siemens SCALANCE XP208PoE EEC Firmware | ||
| Siemens Scalance XP216 (EIP) Firmware | <5.2.5 | |
| Siemens Scalance XP216 (EIP) Firmware | ||
| Siemens Scalance XP216 (EIP) Firmware | <5.2.5 | |
| Siemens Scalance XP216 (EIP) | ||
| Siemens Scalance XP216EEC | <5.2.5 | |
| Siemens Scalance XP216EEC Firmware | ||
| Siemens Scalance XP216PoE EEC | <5.2.5 | |
| Siemens Scalance XP216PoE EEC Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-15800?
The severity of CVE-2020-15800 is considered high due to the potential unauthorized access it permits.
How do I fix CVE-2020-15800?
To fix CVE-2020-15800, update your SCALANCE X-200, X-300, and related switches to the latest firmware version available: V5.2.5 or higher.
Which SCALANCE switch models are affected by CVE-2020-15800?
CVE-2020-15800 affects several models, including SCALANCE X-200 series, X-200IRT series, and X-300 series with firmware versions below specified thresholds.
Can CVE-2020-15800 be exploited remotely?
Yes, CVE-2020-15800 can be exploited remotely if the affected devices are not properly secured.
Are there any workarounds for CVE-2020-15800?
While the best mitigation is to update the firmware, temporarily disabling remote management features can act as a workaround until updates are applied.
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens scalance x200-4pirt
- canonical/siemens scalance x200-4p irt (6gk5200-4ah00-2ba3)
- canonical/siemens scalance x201-3p irt firmware
- canonical/siemens scalance x201-3p irt pro firmware
- canonical/siemens scalance x202-2p irt firmware
- canonical/siemens scalance x202-2irt
- canonical/siemens scalance x202-2pirt siplus net firmware
- canonical/siemens scalance x202-2p irt siplus net
- canonical/siemens siplus net scalance x202-2p irt
- canonical/siemens scalance x204 irt firmware
- canonical/siemens scalance x-200irt
- canonical/siemens scalance x307-3ld
- canonical/siemens scalance x307-3
- canonical/siemens siplus net scalance x308-2 firmware
- canonical/siemens scalance x308-2m poe
- canonical/siemens scalance x308-2ld
- canonical/siemens scalance x308-2lh
- canonical/siemens scalance x308-2lh+ firmware
- canonical/siemens scalance x308-2lh+
- canonical/siemens scalance x308-2m
- canonical/siemens scalance x308-2m firmware
- canonical/siemens scalance x308-2m ts (6gk5308-2gg00-2ca2)
- canonical/siemens scalance x310
- canonical/siemens scalance x310fe
- canonical/siemens scalance x320-1fe
- canonical/siemens scalance x320-3ldfe firmware
- canonical/siemens scalance xb205-3ld
- canonical/siemens scalance xb205-3
- canonical/siemens scalance xb208
- canonical/siemens scalance xb213-3
- canonical/siemens scalance xb213-3ld firmware
- canonical/siemens scalance xb213-3ld (sc, e/ip) firmware
- canonical/siemens scalance xb213-3 ld (sc, e/ip)
- canonical/siemens scalance xb216
- canonical/siemens scalance xb216 firmware
- canonical/siemens scalance xc206-2 (sc) firmware
- canonical/siemens scalance xc206-2 firmware
- canonical/siemens scalance xc206-2g poe
- canonical/siemens scalance xc206-2g poe (54 v dc)
- canonical/siemens scalance xc206-2g poe eec (54v dc) firmware
- canonical/siemens scalance xc206-2sfp g (e/ip) firmware
- canonical/siemens scalance xc206-2sfp firmware
- canonical/siemens siplus net scalance xc206-2sfp
- canonical/siemens scalance xc206-2sfp eec firmware
- canonical/siemens scalance xc206-2sfp g
- canonical/siemens scalance xc206-2sfp
- canonical/siemens scalance xc206-2sfp g (e/ip)
- canonical/siemens siplus net scalance xc206-2sfp firmware
- canonical/siemens scalance xc206-2sfp g eec firmware
- canonical/siemens siplus net scalance xc208 firmware
- canonical/siemens siplus net scalance xc208
- canonical/siemens scalance xc208 eec firmware
- canonical/siemens scalance xc208g (e/ip)
- canonical/siemens scalance xc208g (e/ip) firmware
- canonical/siemens scalance xc208g (eip def.)
- canonical/siemens scalance xc208g firmware
- canonical/siemens scalance xc208g poe (54 v dc)
- canonical/siemens scalance xc216eec firmware
- canonical/siemens scalance xc216-3g poe (54 v dc)
- canonical/siemens scalance xc216-4c g firmware
- canonical/siemens scalance xc216-4c firmware
- canonical/siemens scalance xc216-4c g (e/ip) firmware
- canonical/siemens scalance xc216-4c g (e/ip)
- canonical/siemens scalance xc216-4c g eec
- canonical/siemens scalance xc216eec
- canonical/siemens scalance xc224-4c g eec firmware
- canonical/siemens scalance xc224-4c g (eip def.) firmware
- canonical/siemens scalance xc224-4c g (e/ip) firmware
- canonical/siemens scalance xc224-4c g (e/ip)
- canonical/siemens scalance xc224 firmware
- canonical/siemens scalance xc224-4c g
- canonical/siemens scalance xf201-3p irt
- canonical/siemens scalance xf202-2p irt
- canonical/siemens scalance xf204 firmware
- canonical/siemens scalance xf204-2 firmware
- canonical/siemens scalance xf204-2
- canonical/siemens scalance xf204-2ba dna
- canonical/siemens scalance xf204-2ba irt
- canonical/siemens scalance xf204irt
- canonical/siemens scalance xf204 dna
- canonical/siemens scalance xf206-1
- canonical/siemens scalance xf208
- canonical/siemens scalance xp208 (ethernet/ip)
- canonical/siemens scalance xp208 (eip)
- canonical/siemens scalance xp208 (eip) firmware
- canonical/siemens scalance xp208eec
- canonical/siemens scalance xp208poe eec
- canonical/siemens scalance xp208poe eec firmware
- canonical/siemens scalance xp216 (eip) firmware
- canonical/siemens scalance xp216 (eip)
- canonical/siemens scalance xp216eec
- canonical/siemens scalance xp216eec firmware
- canonical/siemens scalance xp216poe eec
- canonical/siemens scalance xp216poe eec firmware