Vulnerability CVE-2013-4651


Published: 2013-08-01

Description:
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.

Vendor: Siemens
Product: Scalance w700 series firmware 
Version: 4.4.0;
Product: Scalance w747-1rr 
Product: Scalance w744-1 
Product: Scalance w788-1pro 
Product: Scalance w784-1rr 
Product: Scalance w746-1 
Product: Scalance w788-2pro 
Product: Scalance w786-2pro 
Product: Scalance w747-1 
Product: Scalance w786-3pro 
Product: Scalance w784-1 
Product: Scalance w744-1pro 
Product: Scalance w788-1rr 
Product: Scalance w786-1pro 
Product: Scalance w746-1pro 
Product: Scalance w788-2rr 
Product: Scalance w786-2rr 

CVSS2 => (AV:N/AC:H/Au:N/C:P/I:P/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.6/10
8.5/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Complete

 References:
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-120908.pdf

Related CVE
CVE-2019-6577
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 un...
CVE-2019-6576
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 un...
CVE-2019-6572
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 un...
CVE-2019-10924
A vulnerability has been identified in LOGO! Soft Comfort (All versions). The vulnerability could allow an attacker to execute arbitrary code if the attacker tricks a legitimate user to open a manipulated project. In order to exploit the vulnerabilit...
CVE-2019-10922
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network ac...
CVE-2019-10921
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp to obtain passwords of the device. The security vulnerability could be exploited by...
CVE-2019-10920
A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauth...
CVE-2019-10919
A vulnerability has been identified in LOGO!8 BM (All versions). Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The...

Copyright 2019, cxsecurity.com

 

Back to Top