Unrated severityNVD Advisory· Published May 24, 2013· Updated Apr 29, 2026

CVE-2013-3633

Description

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the web interface are only enforced on client side and not properly verified on server side. Therefore, an attacker is able to execute privileged commands using an unprivileged account.

Affected products

Siemens Foundation/Scalance X200irt Firmware
cpe:2.3:o:siemens:scalance_x200irt_firmware:*:*:*:*:*:*:*:*
Range: <=5.0.0
Siemens Foundation/Scalance X200 4p Irt
cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*
Siemens Foundation/Scalance X201 3p Irt2 versions
cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x201-3p_irt:-:-:pro:*:*:*:*:*
Siemens Foundation/Scalance X202 2irt
cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*
Siemens Foundation/Scalance X202 2p Irt2 versions
cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x202-2p_irt:-:-:pro:*:*:*:*:*
Siemens Foundation/Scalance X204irt2 versions
cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_x204irt:-:-:pro:*:*:*:*:*
Siemens Foundation/Scalance Xf204irt
cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/pdf/ssa-170686.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000