Scalance W744 1
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-28400 | Hig | 0.49 | 7.5 | 0.02 | Jul 13, 2021 | Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. | ||
| CVE-2022-46140 | Med | 0.42 | 6.5 | 0.00 | Dec 13, 2022 | Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system. | ||
| CVE-2022-46142 | Med | 0.37 | 5.7 | 0.00 | Dec 13, 2022 | Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. | ||
| CVE-2022-46143 | Low | 0.18 | 2.7 | 0.01 | Dec 13, 2022 | Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. | ||
| CVE-2013-4652 | 0.00 | — | 0.06 | Aug 1, 2013 | Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection. | |||
| CVE-2013-4651 | 0.00 | — | 0.01 | Aug 1, 2013 | Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust… |
- risk 0.49cvss 7.5epss 0.02
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
- risk 0.42cvss 6.5epss 0.00
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
- risk 0.37cvss 5.7epss 0.00
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
- risk 0.18cvss 2.7epss 0.01
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
- CVE-2013-4652Aug 1, 2013risk 0.00cvss —epss 0.06
Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection.
- CVE-2013-4651Aug 1, 2013risk 0.00cvss —epss 0.01
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust…