Vulnerabilities (CVE)

Filtered by vendor Siemens Subscribe
Filtered by product Scalance X201-3pirt
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-1049 1 Siemens 10 Scalance X-200 Series Firmware, Scalance X201-3p Irt Pro, Scalance X201-3pirt and 7 more 2024-11-21 6.8 MEDIUM N/A
The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.
CVE-2020-25226 1 Siemens 132 Scalance X200-4pirt, Scalance X200-4pirt Firmware, Scalance X201-3pirt and 129 more 2024-02-28 10.0 HIGH 9.8 CRITICAL
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.
CVE-2020-28391 1 Siemens 132 Scalance X200-4pirt, Scalance X200-4pirt Firmware, Scalance X201-3pirt and 129 more 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.
CVE-2020-15800 1 Siemens 132 Scalance X200-4pirt, Scalance X200-4pirt Firmware, Scalance X201-3pirt and 129 more 2024-02-28 9.3 HIGH 9.8 CRITICAL
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.
CVE-2020-15799 1 Siemens 132 Scalance X200-4pirt, Scalance X200-4pirt Firmware, Scalance X201-3pirt and 129 more 2024-02-28 7.1 HIGH 6.5 MEDIUM
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.