First published: Tue Jan 12 2021(Updated: )
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens Scalance X200-4pirt Firmware | <5.5.0 | |
Siemens Scalance X200-4pirt | ||
Siemens Scalance X201-3pirt Firmware | <5.5.0 | |
Siemens Scalance X201-3pirt | ||
Siemens Scalance X202-2irt Firmware | <5.5.0 | |
Siemens Scalance X202-2irt | ||
Siemens Scalance X202-2pirt Firmware | <5.5.0 | |
Siemens Scalance X202-2pirt | ||
Siemens Scalance X202-2pirt Siplus Net Firmware | <5.5.0 | |
Siemens Scalance X202-2pirt Siplus Net | ||
Siemens Scalance X204irt Firmware | <5.5.0 | |
Siemens Scalance X204irt | ||
Siemens Scalance X307-3 Firmware | ||
Siemens Scalance X307-3 | ||
Siemens Scalance X307-3ld Firmware | ||
Siemens Scalance X307-3ld | ||
Siemens Scalance X308-2 Firmware | ||
Siemens Scalance X308-2 | ||
Siemens Scalance X308-2ld Firmware | ||
Siemens Scalance X308-2ld | ||
Siemens Scalance X308-2lh Firmware | ||
Siemens Scalance X308-2lh | ||
Siemens Scalance X308-2lh\+ Firmware | ||
Siemens Scalance X308-2lh\+ | ||
Siemens Scalance X308-2m Firmware | ||
Siemens Scalance X308-2m | ||
Siemens Scalance X308-2m Ts Firmware | ||
Siemens Scalance X308-2m Ts | ||
Siemens Scalance X310 Firmware | ||
Siemens Scalance X310 | ||
Siemens Scalance X310fe Firmware | ||
Siemens Scalance X310fe | ||
Siemens Scalance X320-1fe Firmware | ||
Siemens Scalance X320-1fe | ||
Siemens Scalance X320-3ldfe Firmware | ||
Siemens Scalance X320-3ldfe | ||
Siemens Scalance Xb205-3 Firmware | <5.2.5 | |
Siemens Scalance Xb205-3 | ||
Siemens Scalance Xb205-3ld Firmware | <5.2.5 | |
Siemens Scalance Xb205-3ld | ||
Siemens Scalance Xb208 Firmware | <5.2.5 | |
Siemens Scalance Xb208 | ||
Siemens Scalance Xb213-3 Firmware | <5.2.5 | |
Siemens Scalance Xb213-3 | ||
Siemens Scalance Xb213-3ld Firmware | <5.2.5 | |
Siemens Scalance Xb213-3ld | ||
Siemens Scalance Xb216 Firmware | <5.2.5 | |
Siemens Scalance Xb216 | ||
Siemens Scalance Xc206-2 Firmware | <5.2.5 | |
Siemens Scalance Xc206-2 | ||
Siemens Scalance Xc206-2g Poe Firmware | <5.2.5 | |
Siemens Scalance Xc206-2g Poe | ||
Siemens Scalance Xc206-2g Poe Eec Firmware | <5.2.5 | |
Siemens Scalance Xc206-2g Poe Eec | ||
Siemens Scalance Xc206-2sfp Firmware | <5.2.5 | |
Siemens Scalance Xc206-2sfp | ||
Siemens Scalance Xc206-2sfp Eec Firmware | <5.2.5 | |
Siemens Scalance Xc206-2sfp Eec | ||
Siemens Scalance Xc206-2sfp G Firmware | <5.2.5 | |
Siemens Scalance Xc206-2sfp G | ||
Siemens Scalance Xc206-2sfp G \(e\/ip\) Firmware | <5.2.5 | |
Siemens Scalance Xc206-2sfp G \(e\/ip\) | ||
Siemens Scalance Xc206-2sfp G Eec Firmware | <5.2.5 | |
Siemens Scalance Xc206-2sfp G Eec | ||
Siemens Scalance Xc208 Firmware | <5.2.5 | |
Siemens Scalance Xc208 | ||
Siemens Scalance Xc208eec Firmware | <5.2.5 | |
Siemens Scalance Xc208eec | ||
Siemens Scalance Xc208g Firmware | <5.2.5 | |
Siemens Scalance Xc208g | ||
Siemens Scalance Xc208g \(e\/ip\) Firmware | <5.2.5 | |
Siemens Scalance Xc208g \(e\/ip\) | ||
Siemens Scalance Xc208g Eec Firmware | <5.2.5 | |
Siemens Scalance Xc208g Eec | ||
Siemens Scalance Xc208g Poe Firmware | <5.2.5 | |
Siemens Scalance Xc208g Poe | ||
Siemens Scalance Xc216 Firmware | <5.2.5 | |
Siemens Scalance Xc216 | ||
Siemens Scalance Xc216-4c Firmware | <5.2.5 | |
Siemens Scalance Xc216-4c | ||
Siemens Scalance Xc216-4c G Firmware | <5.2.5 | |
Siemens Scalance Xc216-4c G | ||
Siemens Scalance Xc216-4c G \(e\/ip\) Firmware | <5.2.5 | |
Siemens Scalance Xc216-4c G \(e\/ip\) | ||
Siemens Scalance Xc216-4c G Eec Firmware | <5.2.5 | |
Siemens Scalance Xc216-4c G Eec | ||
Siemens Scalance Xc216eec Firmware | <5.2.5 | |
Siemens Scalance Xc216eec | ||
Siemens Scalance Xc224-4c G Firmware | <5.2.5 | |
Siemens Scalance Xc224-4c G | ||
Siemens Scalance Xc224-4c G \(e\/ip\) Firmware | <5.2.5 | |
Siemens Scalance Xc224-4c G \(e\/ip\) | ||
Siemens Scalance Xc224-4c G Eec Firmware | <5.2.5 | |
Siemens Scalance Xc224-4c G Eec | ||
Siemens Scalance Xc224 Firmware | <5.2.5 | |
Siemens Scalance Xc224 | ||
Siemens Scalance Xf201-3p Irt Firmware | <5.2.5 | |
Siemens Scalance Xf201-3p Irt | ||
Siemens Scalance Xf202-2p Irt Firmware | <5.2.5 | |
Siemens Scalance Xf202-2p Irt | ||
Siemens Scalance Xf204 Firmware | <5.2.5 | |
Siemens Scalance Xf204 | ||
Siemens Scalance Xf204-2 Firmware | <5.2.5 | |
Siemens Scalance Xf204-2 | ||
Siemens Scalance Xf204-2ba Dna Firmware | <5.2.5 | |
Siemens Scalance Xf204-2ba Dna | ||
Siemens Scalance Xf204-2ba Irt Firmware | <5.2.5 | |
Siemens Scalance Xf204-2ba Irt | ||
Siemens Scalance Xf204 Dna Firmware | <5.2.5 | |
Siemens Scalance Xf204 Dna | ||
Siemens Scalance Xf204irt Firmware | <5.2.5 | |
Siemens Scalance Xf204irt | ||
Siemens Scalance Xf206-1 Firmware | <5.2.5 | |
Siemens Scalance Xf206-1 | ||
Siemens Scalance Xf208 Firmware | <5.2.5 | |
Siemens Scalance Xf208 | ||
Siemens Scalance Xp208 Firmware | <5.2.5 | |
Siemens Scalance Xp208 | ||
Siemens Scalance Xp208 \(eip\) Firmware | <5.2.5 | |
Siemens Scalance Xp208 \(eip\) | ||
Siemens Scalance Xp208eec Firmware | <5.2.5 | |
Siemens Scalance Xp208eec | ||
Siemens Scalance Xp208poe Eec Firmware | <5.2.5 | |
Siemens Scalance Xp208poe Eec | ||
Siemens Scalance Xp216 Firmware | <5.2.5 | |
Siemens Scalance Xp216 | ||
Siemens Scalance Xp216 \(eip\) Firmware | <5.2.5 | |
Siemens Scalance Xp216 \(eip\) | ||
Siemens Scalance Xp216eec Firmware | <5.2.5 | |
Siemens Scalance Xp216eec | ||
Siemens Scalance Xp216poe Eec Firmware | <5.2.5 | |
Siemens Scalance Xp216poe Eec | ||
Siemens SCALANCE X-200 switch family (incl. SIPLUS NET variants) | <5.2.5 | 5.2.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.