CVE-2019-10927

MEDIUM

SCALANCE - DoS

Title source: llm

Description

A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device.

References (1)

[Patch, Vendor Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-671286.pdf

Scores

CVSS v3 6.5

EPSS 0.0056

EPSS Percentile 68.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-703

Status published

Products (5)

siemens/scalance_xb-200_firmware 4.1

siemens/scalance_xc-200_firmware 4.1

siemens/scalance_xf-200ba_firmware 4.1

siemens/scalance_xp-200_firmware 4.1

siemens/scalance_xr-300wg_firmware 4.1

Published Aug 13, 2019

Tracked Since Feb 18, 2026