Unrated severityNVD Advisory· Published Apr 18, 2012· Updated Apr 29, 2026

CVE-2012-1799

Description

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password.

Affected products

Siemens Foundation/Scalance S Firmware3 versions
cpe:2.3:a:siemens:scalance_s_firmware:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:siemens:scalance_s_firmware:*:*:*:*:*:*:*:*range: <=2.3.0
- cpe:2.3:a:siemens:scalance_s_firmware:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:scalance_s_firmware:2.2.0:*:*:*:*:*:*:*
Siemens Foundation/Scalance S602
cpe:2.3:h:siemens:scalance_s602:v2:*:*:*:*:*:*:*
Siemens Foundation/Scalance S612
cpe:2.3:h:siemens:scalance_s612:v2:*:*:*:*:*:*:*
Siemens Foundation/Scalance S613
cpe:2.3:h:siemens:scalance_s613:v2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdfnvdVendor Advisory
www.us-cert.gov/control_systems/pdf/ICSA-12-102-05.pdfnvdUS Government Resource
osvdb.org/81033nvd
support.automation.siemens.com/WW/view/en/59869684nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000