← Back to home
SIEMENS-SSA-431802  ·  Published 2020-11-10  ·  View on Siemens ProductCERT ↗

SSA-431802 (Last Update: 2020-11-10): Multiple Vulnerabilities in SCALANCE W1750D

CVSS 9.8 CRITICAL

Risk Summary

<p>Siemens SCALANCE W1750D is a brandlabled device. Aruba has released a related security advisory (ARUBA-PSA-2016-004) [0] disclosing vulnerabilities in its Aruba Instant product line. The advisory contains multiple related vulnerabilities that are summarized in CVE-2016-2031.</p> <p>This advisory is a reminder to customers that the PAPI protocol is not a secure protocol and that some device configurations must be taken to mitigate risks. Although this information was previously disclosed, an impending public disclosure by the Google Security Team (focused on Aruba Instant) will call out the vulnerable details of this protocol and bring it to the attention of the attacker community.</p> <p>Siemens recommends specific countermeasures until fixes are available.</p> <p>[0] <a href="https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-004.txt" class="uri">https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-004.txt</a></p>

CVEs (1)

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-431802 (Last Update: 2020-11-10): Multiple Vulnerabilities in SCALANCE W1750D See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more