Scalance W784 1
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-4652 | 0.01 | — | 0.10 | Aug 1, 2013 | Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection. | |||
| CVE-2022-46140 | 0.00 | — | 0.00 | Dec 13, 2022 | Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system. | |||
| CVE-2022-46143 | 0.00 | — | 0.00 | Dec 13, 2022 | Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. | |||
| CVE-2022-46142 | 0.00 | — | 0.00 | Dec 13, 2022 | Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. | |||
| CVE-2020-28400 | 0.00 | — | 0.01 | Jul 13, 2021 | Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. | |||
| CVE-2013-4651 | 0.00 | — | 0.00 | Aug 1, 2013 | Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship. |
- CVE-2013-4652Aug 1, 2013risk 0.01cvss —epss 0.10
Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection.
- CVE-2022-46140Dec 13, 2022risk 0.00cvss —epss 0.00
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
- CVE-2022-46143Dec 13, 2022risk 0.00cvss —epss 0.00
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
- CVE-2022-46142Dec 13, 2022risk 0.00cvss —epss 0.00
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
- CVE-2020-28400Jul 13, 2021risk 0.00cvss —epss 0.01
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
- CVE-2013-4651Aug 1, 2013risk 0.00cvss —epss 0.00
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.