CVE-2020-25226

EPSS 0.83%
Published 12.01.2021 21:15:16
Last modified 21.11.2024 05:17:42
Source productcert@siemens.com
Teams watchlist Login
Open Login

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.

Affected products Warnungen 0 Metrics 3 CWE 2 References 4

Data is provided by the National Vulnerability Database (NVD)

Siemens ≫ Scalance X200-4pirt Firmware Version < 5.5.0

Siemens ≫ Scalance X200-4pirt Version-

Siemens ≫ Scalance X201-3pirt Firmware Version < 5.5.0

Siemens ≫ Scalance X201-3pirt Version-

Siemens ≫ Scalance X202-2irt Firmware Version < 5.5.0

Siemens ≫ Scalance X202-2irt Version-

Siemens ≫ Scalance X202-2pirt Firmware Version < 5.5.0

Siemens ≫ Scalance X202-2pirt Version-

Siemens ≫ Scalance X202-2pirt Siplus Net Firmware Version < 5.5.0

Siemens ≫ Scalance X202-2pirt Siplus Net Version-

Siemens ≫ Scalance X204irt Firmware Version < 5.5.0

Siemens ≫ Scalance X204irt Version-

Siemens ≫ Scalance X307-3 Firmware

Siemens ≫ Scalance X307-3 Version-

Siemens ≫ Scalance X307-3ld Firmware

Siemens ≫ Scalance X307-3ld Version-

Siemens ≫ Scalance X308-2 Firmware

Siemens ≫ Scalance X308-2 Version-

Siemens ≫ Scalance X308-2ld Firmware

Siemens ≫ Scalance X308-2ld Version-

Siemens ≫ Scalance X308-2lh Firmware

Siemens ≫ Scalance X308-2lh Version-

Siemens ≫ Scalance X308-2lh+ Firmware

Siemens ≫ Scalance X308-2lh+ Version-

Siemens ≫ Scalance X308-2m Firmware

Siemens ≫ Scalance X308-2m Version-

Siemens ≫ Scalance X308-2m Ts Firmware

Siemens ≫ Scalance X308-2m Ts Version-

Siemens ≫ Scalance X310 Firmware

Siemens ≫ Scalance X310 Version-

Siemens ≫ Scalance X310fe Firmware

Siemens ≫ Scalance X310fe Version-

Siemens ≫ Scalance X320-1fe Firmware

Siemens ≫ Scalance X320-1fe Version-

Siemens ≫ Scalance X320-3ldfe Firmware

Siemens ≫ Scalance X320-3ldfe Version-

Siemens ≫ Scalance Xb205-3 Firmware Version < 5.2.5

Siemens ≫ Scalance Xb205-3 Version-

Siemens ≫ Scalance Xb205-3ld Firmware Version < 5.2.5

Siemens ≫ Scalance Xb205-3ld Version-

Siemens ≫ Scalance Xb208 Firmware Version < 5.2.5

Siemens ≫ Scalance Xb208 Version-

Siemens ≫ Scalance Xb213-3 Firmware Version < 5.2.5

Siemens ≫ Scalance Xb213-3 Version-

Siemens ≫ Scalance Xb213-3ld Firmware Version < 5.2.5

Siemens ≫ Scalance Xb213-3ld Version-

Siemens ≫ Scalance Xb216 Firmware Version < 5.2.5

Siemens ≫ Scalance Xb216 Version-

Siemens ≫ Scalance Xc206-2 Firmware Version < 5.2.5

Siemens ≫ Scalance Xc206-2 Version-

Siemens ≫ Scalance Xc206-2g Poe Firmware Version < 5.2.5

Siemens ≫ Scalance Xc206-2g Poe Version-

Siemens ≫ Scalance Xc206-2g Poe Eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xc206-2g Poe Eec Version-

Siemens ≫ Scalance Xc206-2sfp Firmware Version < 5.2.5

Siemens ≫ Scalance Xc206-2sfp Version-

Siemens ≫ Scalance Xc206-2sfp Eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xc206-2sfp Eec Version-

Siemens ≫ Scalance Xc206-2sfp G Firmware Version < 5.2.5

Siemens ≫ Scalance Xc206-2sfp G Version-

Siemens ≫ Scalance Xc206-2sfp G (e/ip) Firmware Version < 5.2.5

Siemens ≫ Scalance Xc206-2sfp G (e/ip) Version-

Siemens ≫ Scalance Xc206-2sfp G Eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xc206-2sfp G Eec Version-

Siemens ≫ Scalance Xc208 Firmware Version < 5.2.5

Siemens ≫ Scalance Xc208 Version-

Siemens ≫ Scalance Xc208eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xc208eec Version-

Siemens ≫ Scalance Xc208g Firmware Version < 5.2.5

Siemens ≫ Scalance Xc208g Version-

Siemens ≫ Scalance Xc208g (e/ip) Firmware Version < 5.2.5

Siemens ≫ Scalance Xc208g (e/ip) Version-

Siemens ≫ Scalance Xc208g Eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xc208g Eec Version-

Siemens ≫ Scalance Xc208g Poe Firmware Version < 5.2.5

Siemens ≫ Scalance Xc208g Poe Version-

Siemens ≫ Scalance Xc216 Firmware Version < 5.2.5

Siemens ≫ Scalance Xc216 Version-

Siemens ≫ Scalance Xc216-4c Firmware Version < 5.2.5

Siemens ≫ Scalance Xc216-4c Version-

Siemens ≫ Scalance Xc216-4c G Firmware Version < 5.2.5

Siemens ≫ Scalance Xc216-4c G Version-

Siemens ≫ Scalance Xc216-4c G (e/ip) Firmware Version < 5.2.5

Siemens ≫ Scalance Xc216-4c G (e/ip) Version-

Siemens ≫ Scalance Xc216-4c G Eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xc216-4c G Eec Version-

Siemens ≫ Scalance Xc216eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xc216eec Version-

Siemens ≫ Scalance Xc224-4c G Firmware Version < 5.2.5

Siemens ≫ Scalance Xc224-4c G Version-

Siemens ≫ Scalance Xc224-4c G (e/ip) Firmware Version < 5.2.5

Siemens ≫ Scalance Xc224-4c G (e/ip) Version-

Siemens ≫ Scalance Xc224-4c G Eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xc224-4c G Eec Version-

Siemens ≫ Scalance Xc224 Firmware Version < 5.2.5

Siemens ≫ Scalance Xc224 Version-

Siemens ≫ Scalance Xf201-3p Irt Firmware Version < 5.2.5

Siemens ≫ Scalance Xf201-3p Irt Version-

Siemens ≫ Scalance Xf202-2p Irt Firmware Version < 5.2.5

Siemens ≫ Scalance Xf202-2p Irt Version-

Siemens ≫ Scalance Xf204 Firmware Version < 5.2.5

Siemens ≫ Scalance Xf204 Version-

Siemens ≫ Scalance Xf204-2 Firmware Version < 5.2.5

Siemens ≫ Scalance Xf204-2 Version-

Siemens ≫ Scalance Xf204-2ba Dna Firmware Version < 5.2.5

Siemens ≫ Scalance Xf204-2ba Dna Version-

Siemens ≫ Scalance Xf204-2ba Irt Firmware Version < 5.2.5

Siemens ≫ Scalance Xf204-2ba Irt Version-

Siemens ≫ Scalance Xf204 Dna Firmware Version < 5.2.5

Siemens ≫ Scalance Xf204 Dna Version-

Siemens ≫ Scalance Xf204irt Firmware Version < 5.2.5

Siemens ≫ Scalance Xf204irt Version-

Siemens ≫ Scalance Xf206-1 Firmware Version < 5.2.5

Siemens ≫ Scalance Xf206-1 Version-

Siemens ≫ Scalance Xf208 Firmware Version < 5.2.5

Siemens ≫ Scalance Xf208 Version-

Siemens ≫ Scalance Xp208 Firmware Version < 5.2.5

Siemens ≫ Scalance Xp208 Version-

Siemens ≫ Scalance Xp208 (eip) Firmware Version < 5.2.5

Siemens ≫ Scalance Xp208 (eip) Version-

Siemens ≫ Scalance Xp208eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xp208eec Version-

Siemens ≫ Scalance Xp208poe Eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xp208poe Eec Version-

Siemens ≫ Scalance Xp216 Firmware Version < 5.2.5

Siemens ≫ Scalance Xp216 Version-

Siemens ≫ Scalance Xp216 (eip) Firmware Version < 5.2.5

Siemens ≫ Scalance Xp216 (eip) Version-

Siemens ≫ Scalance Xp216eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xp216eec Version-

Siemens ≫ Scalance Xp216poe Eec Firmware Version < 5.2.5

Siemens ≫ Scalance Xp216poe Eec Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.83%	0.735

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-25226

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-25226

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-25226

EUVD