CVE-2020-28391
moderate-risk
Published 2021-01-12
A vulnerability has been identified in the SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), the SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), and the SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG, the devices use the hardcoded private RSA key shipped with the firmware image. An attacker could leverage this to mount a man-in-the-middle attack and decrypt previously captured traffic.
Do I need to act?
0.12% chance of exploitation
EPSS score — low exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 5.9/10 · Medium
NETWORK / HIGH complexity
Affected Products (20)
Scalance X200-4Pirt Firmware
Scalance X201-3Pirt Firmware
Scalance X202-2Irt Firmware
Scalance X202-2Pirt Firmware
Scalance X202-2Pirt Siplus Net Firmware
Scalance X204Irt Firmware
Scalance X307-3 Firmware
Scalance X307-3Ld Firmware
Scalance X308-2 Firmware
Scalance X308-2Ld Firmware
Scalance X308-2Lh Firmware
Scalance X308-2Lh+ Firmware
Scalance X308-2M Firmware
Scalance X308-2M Ts Firmware
Scalance X310 Firmware
Scalance X310Fe Firmware
Scalance X320-1Fe Firmware
Scalance X320-3Ldfe Firmware
Scalance Xb205-3 Firmware
Scalance Xb205-3Ld Firmware
Affected Vendors
References (4)
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf
Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02
46 / 100 · moderate-risk
Severity
18/34 · Moderate
Exploitability
1/34 · Minimal
Exposure
27/34 · High