CVE-2019-10927
MEDIUMSCALANCE XB-200, XC-200, XF-200BA, XP-200, XR-300WG Firmware 4.1 - Authenticated Denial of Service via Port 22/tcp
Title source: llmDescription
A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://cert-portal.siemens.com/productcert/pdf/ssa-671286.pdf
Scores
CVSS v3
6.5
EPSS
0.0117
EPSS Percentile
63.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-703
Status
published
Products (5)
siemens/scalance_xb-200_firmware
4.1
siemens/scalance_xc-200_firmware
4.1
siemens/scalance_xf-200ba_firmware
4.1
siemens/scalance_xp-200_firmware
4.1
siemens/scalance_xr-300wg_firmware
4.1
Published
Aug 13, 2019
Tracked Since
Feb 18, 2026