Unrated severityNVD Advisory· Published Aug 1, 2013· Updated Apr 29, 2026
CVE-2013-4651
CVE-2013-4651
Description
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.
Affected products
17- cpe:2.3:h:siemens:scalance_w744-1:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w744-1pro:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w746-1:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w746-1pro:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w747-1:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w747-1rr:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w784-1:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w784-1rr:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w786-1pro:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w786-2pro:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w786-2rr:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w786-3pro:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w788-1pro:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w788-1rr:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w788-2pro:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w788-2rr:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_w700_series_firmware:*:*:*:*:*:*:*:*Range: <=4.4.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.