← Back to home
SIEMENS-SSA-176087  ·  Published 2020-02-10  ·  View on Siemens ProductCERT ↗

SSA-176087 (Last Update: 2020-02-10): Unauthenticated Access to Critical Services in SCALANCE X-200 Switch Family

CVSS N/A MEDIUM

Risk Summary

<p>A potential vulnerability was discovered in the web server authentication of SCALANCE X-200 and X-200IRT switches that might allow attackers to perform administrative operations over the network without authentication. This issue only applies to switches using older firmware versions and has been fixed from firmware V4.5.0 (non-IRT) and V5.1.0 (IRT) on.</p> <p>Siemens recommends upgrading to the current firmware versions V5.0.1 (non-IRT) and V5.1.2 (IRT).</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-176087 (Last Update: 2020-02-10): Unauthenticated Access to Critical Services in SCALANCE X-200 Switch Family See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more