CVE-2023-29054

MEDIUM

SCALANCE -<V5.5.2 - Info Disclosure

Title source: llm

Description

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.

References (1)

[Vendor Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-479249.pdf

Scores

CVSS v3 6.7

EPSS 0.0015

EPSS Percentile 35.9%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-326

Status published

Products (13)

siemens/scalance_x200-4p_irt_firmware < 5.5.2

siemens/scalance_x201-3p_irt_firmware < 5.5.2

siemens/scalance_x201-3p_irt_pro_firmware < 5.5.2

siemens/scalance_x202-2irt_firmware < 5.5.2

siemens/scalance_x202-2p_irt_firmware < 5.5.2

siemens/scalance_x202-2p_irt_pro_firmware < 5.5.2

siemens/scalance_x204irt_firmware < 5.5.2

siemens/scalance_x204irt_pro_firmware < 5.5.2

siemens/scalance_xf201-3p_irt_firmware < 5.5.2

siemens/scalance_xf202-2p_irt_firmware < 5.5.2

... and 3 more

Published Apr 11, 2023

Tracked Since Feb 18, 2026