CVE-2020-28391

A vulnerability has been identified in the SCALANCE X-200 switch family (incl. SIPLUS NET variants) (all versions < V5.2.5), the SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (all versions < V5.5.0), and the SCALANCE X-200RNA switch family (all versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG, the devices use the hardcoded private RSA key shipped with the firmware image. An attacker could leverage this to mount a man-in-the-middle attack and decrypt previously captured traffic.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf (Vendor Advisory)
https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02 (Third Party Advisory; US Government Resource; Vendor Advisory)

Configurations

Configuration 1

AND
cpe:2.3:o:siemens:scalance_x200-4pirt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x200-4pirt:-:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:siemens:scalance_x201-3pirt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x201-3pirt:-:*:*:*:*:*:*:*

Configuration 3

AND
cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*

Configuration 4

AND
cpe:2.3:o:siemens:scalance_x202-2pirt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x202-2pirt:-:*:*:*:*:*:*:*

Configuration 5

AND
cpe:2.3:o:siemens:scalance_x202-2pirt_siplus_net_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x202-2pirt_siplus_net:-:*:*:*:*:*:*:*

Configuration 6

AND
cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*

Configuration 7

AND
cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*

Configuration 8

AND
cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*

Configuration 9

AND
cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*

Configuration 10

AND
cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*

Configuration 11

AND
cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*

Configuration 12

AND
cpe:2.3:o:siemens:scalance_x308-2lh\+_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x308-2lh\+:-:*:*:*:*:*:*:*

Configuration 13

AND
cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*

Configuration 14

AND
cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*

Configuration 15

AND
cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*

Configuration 16

AND
cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*

Configuration 17

AND
cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*

Configuration 18

AND
cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*

Configuration 19

AND
cpe:2.3:o:siemens:scalance_xb205-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb205-3:-:*:*:*:*:*:*:*

Configuration 20

AND
cpe:2.3:o:siemens:scalance_xb205-3ld_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb205-3ld:-:*:*:*:*:*:*:*

Configuration 21

AND
cpe:2.3:o:siemens:scalance_xb208_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb208:-:*:*:*:*:*:*:*

Configuration 22

AND
cpe:2.3:o:siemens:scalance_xb213-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb213-3:-:*:*:*:*:*:*:*

Configuration 23

AND
cpe:2.3:o:siemens:scalance_xb213-3ld_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb213-3ld:-:*:*:*:*:*:*:*

Configuration 24

AND
cpe:2.3:o:siemens:scalance_xb216_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb216:-:*:*:*:*:*:*:*

Configuration 25

AND
cpe:2.3:o:siemens:scalance_xc206-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2:-:*:*:*:*:*:*:*

Configuration 26

AND
cpe:2.3:o:siemens:scalance_xc206-2g_poe__firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2g_poe_:-:*:*:*:*:*:*:*

Configuration 27

AND
cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec:-:*:*:*:*:*:*:*

Configuration 28

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp:-:*:*:*:*:*:*:*

Configuration 29

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*

Configuration 30

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*

Configuration 31

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 32

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*

Configuration 33

AND
cpe:2.3:o:siemens:scalance_xc208_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*

Configuration 34

AND
cpe:2.3:o:siemens:scalance_xc208eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*

Configuration 35

AND
cpe:2.3:o:siemens:scalance_xc208g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*

Configuration 36

AND
cpe:2.3:o:siemens:scalance_xc208g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 37

AND
cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*

Configuration 38

AND
cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*

Configuration 39

AND
cpe:2.3:o:siemens:scalance_xc216_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*

Configuration 40

AND
cpe:2.3:o:siemens:scalance_xc216-4c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*

Configuration 41

AND
cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*

Configuration 42

AND
cpe:2.3:o:siemens:scalance_xc216-4c_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-4c_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 43

AND
cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*

Configuration 44

AND
cpe:2.3:o:siemens:scalance_xc216eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*

Configuration 45

AND
cpe:2.3:o:siemens:scalance_xc224-4c_g__firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc224-4c_g_:-:*:*:*:*:*:*:*

Configuration 46

AND
cpe:2.3:o:siemens:scalance_xc224-4c_g_\(e\/ip\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc224-4c_g_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 47

AND
cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*

Configuration 48

AND
cpe:2.3:o:siemens:scalance_xc224__firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc224_:-:*:*:*:*:*:*:*

Configuration 49

AND
cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*

Configuration 50

AND
cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*

Configuration 51

AND
cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*

Configuration 52

AND
cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*

Configuration 53

AND
cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*

Configuration 54

AND
cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*

Configuration 55

AND
cpe:2.3:o:siemens:scalance_xf204_dna_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204_dna:-:*:*:*:*:*:*:*

Configuration 56

AND
cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*

Configuration 57

AND
cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*

Configuration 58

AND
cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*

Configuration 59

AND
cpe:2.3:o:siemens:scalance_xp208_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*

Configuration 60

AND
cpe:2.3:o:siemens:scalance_xp208_\(eip\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp208_\(eip\):-:*:*:*:*:*:*:*

Configuration 61

AND
cpe:2.3:o:siemens:scalance_xp208eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*

Configuration 62

AND
cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*

Configuration 63

AND
cpe:2.3:o:siemens:scalance_xp216_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*

Configuration 64

AND
cpe:2.3:o:siemens:scalance_xp216_\(eip\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp216_\(eip\):-:*:*:*:*:*:*:*

Configuration 65

AND
cpe:2.3:o:siemens:scalance_xp216eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*

Configuration 66

AND
cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*

Information

Published : 2021-01-12 21:15

Updated : 2024-02-28 18:08

Products Affected

siemens

  • scalance_xc224-4c_g_eec
  • scalance_xf204-2_firmware
  • scalance_xc206-2sfp_eec_firmware
  • scalance_xc206-2
  • scalance_x310
  • scalance_xc208eec_firmware
  • scalance_xf204_firmware
  • scalance_x201-3pirt
  • scalance_xc224-4c_g_
  • scalance_xc206-2sfp_g_eec_firmware
  • scalance_x202-2pirt_firmware
  • scalance_x320-3ldfe_firmware
  • scalance_xb213-3ld_firmware
  • scalance_xc224-4c_g_\(e\/ip\)_firmware
  • scalance_xf204-2ba_irt_firmware
  • scalance_xb216_firmware
  • scalance_x310fe
  • scalance_xc208g_\(e\/ip\)
  • scalance_xb205-3_firmware
  • scalance_x202-2pirt_siplus_net_firmware
  • scalance_x310fe_firmware
  • scalance_x308-2m_ts_firmware
  • scalance_xp208eec_firmware
  • scalance_x308-2m
  • scalance_xf206-1_firmware
  • scalance_xp208_\(eip\)
  • scalance_xc208g_eec
  • scalance_xb213-3ld
  • scalance_xc208g_\(e\/ip\)_firmware
  • scalance_xc208g_eec_firmware
  • scalance_xc216
  • scalance_xc208_firmware
  • scalance_xp216eec
  • scalance_x310_firmware
  • scalance_x308-2m_ts
  • scalance_xf206-1
  • scalance_xf204
  • scalance_x308-2
  • scalance_xc216-4c_g_\(e\/ip\)
  • scalance_xp208_firmware
  • scalance_x202-2pirt_siplus_net
  • scalance_xp216eec_firmware
  • scalance_xc216-4c_g_eec
  • scalance_x307-3ld_firmware
  • scalance_x202-2pirt
  • scalance_x308-2lh_firmware
  • scalance_xc206-2g_poe_
  • scalance_x308-2lh
  • scalance_x308-2lh\+_firmware
  • scalance_x200-4pirt_firmware
  • scalance_xc208g_poe_firmware
  • scalance_xb205-3ld
  • scalance_x320-1fe
  • scalance_xc206-2sfp_g
  • scalance_xf204-2ba_dna
  • scalance_xf208_firmware
  • scalance_x307-3ld
  • scalance_xc206-2_firmware
  • scalance_xc206-2sfp_eec
  • scalance_x202-2irt_firmware
  • scalance_xc206-2sfp_g_firmware
  • scalance_xb208
  • scalance_xf202-2p_irt_firmware
  • scalance_xf208
  • scalance_xf201-3p_irt
  • scalance_xf204irt
  • scalance_xc206-2g_poe_eec_firmware
  • scalance_xp208poe_eec_firmware
  • scalance_x308-2ld_firmware
  • scalance_xb213-3_firmware
  • scalance_xp216poe_eec
  • scalance_xb205-3
  • scalance_xc216-4c_g
  • scalance_x308-2_firmware
  • scalance_xc206-2g_poe__firmware
  • scalance_xp216poe_eec_firmware
  • scalance_x320-3ldfe
  • scalance_xc224__firmware
  • scalance_xp216_\(eip\)_firmware
  • scalance_xp216_\(eip\)
  • scalance_xc224-4c_g__firmware
  • scalance_xp216
  • scalance_xf204_dna
  • scalance_xb213-3
  • scalance_xc216-4c
  • scalance_x308-2m_firmware
  • scalance_x201-3pirt_firmware
  • scalance_xc224-4c_g_eec_firmware
  • scalance_xc224-4c_g_\(e\/ip\)
  • scalance_xp208
  • scalance_xc206-2g_poe_eec
  • scalance_xc224_
  • scalance_x204irt_firmware
  • scalance_xb205-3ld_firmware
  • scalance_xc208
  • scalance_xf204_dna_firmware
  • scalance_xc206-2sfp
  • scalance_xc206-2sfp_g_\(e\/ip\)_firmware
  • scalance_xc216_firmware
  • scalance_xc206-2sfp_g_\(e\/ip\)
  • scalance_xp208poe_eec
  • scalance_xc208g_poe
  • scalance_xf204-2ba_irt
  • scalance_xc208g_firmware
  • scalance_xc208eec
  • scalance_xc216eec
  • scalance_xc208g
  • scalance_xf201-3p_irt_firmware
  • scalance_xb216
  • scalance_xf202-2p_irt
  • scalance_xc216-4c_firmware
  • scalance_xc216eec_firmware
  • scalance_x307-3_firmware
  • scalance_x200-4pirt
  • scalance_x202-2irt
  • scalance_xp216_firmware
  • scalance_xc216-4c_g_\(e\/ip\)_firmware
  • scalance_xp208eec
  • scalance_xc216-4c_g_firmware
  • scalance_xb208_firmware
  • scalance_x308-2lh\+
  • scalance_xf204-2
  • scalance_x320-1fe_firmware
  • scalance_xp208_\(eip\)_firmware
  • scalance_xc206-2sfp_g_eec
  • scalance_xf204irt_firmware
  • scalance_x204irt
  • scalance_x308-2ld
  • scalance_xc206-2sfp_firmware
  • scalance_xc216-4c_g_eec_firmware
  • scalance_x307-3
  • scalance_xf204-2ba_dna_firmware

CWE

CWE-321: Use of Hard-coded Cryptographic Key

CWE-798: Use of Hard-coded Credentials