Description
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-120908.pdf
Scores
EPSS
0.0032
EPSS Percentile
55.6%
Details
CWE
CWE-255
Status
published
Products (17)
siemens/scalance_w700_series_firmware
< 4.4.0
siemens/scalance_w744-1
siemens/scalance_w744-1pro
siemens/scalance_w746-1
siemens/scalance_w746-1pro
siemens/scalance_w747-1
siemens/scalance_w747-1rr
siemens/scalance_w784-1
siemens/scalance_w784-1rr
siemens/scalance_w786-1pro
... and 7 more
Published
Aug 01, 2013
Tracked Since
Feb 18, 2026