Buffer overflow in Siemens Scalance_x-300
CVE-2012-1802
Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause…
Vulnerability class: Buffer Overflow
EPSS: 0.060 (92.4th percentile) — read the EPSS interpretation.
Affected products
- Siemens Scalance_x-300
- Siemens Scalance_x-300eec
- Siemens Scalance_x-300eec_firmware — versions 3.5.0
- Siemens Scalance_x-300_firmware — versions 2.2.0, 2.3.1, 3.0.0
- Siemens Scalance_x308-2m
- Siemens Scalance_x308-2m_firmware — versions 3.1.1, 3.5.0, 3.5.2
- Siemens Scalance_x414-3e
- Siemens Scalance_x414-3e_firmware — versions 1.2.2, 2.1.1, 2.2.0
- Siemens Scalance_xr-300
- Siemens Scalance_xr-300_firmware — versions 3.1.1, 3.5.0
Weakness classification (CWE)
References
- cret@cert.org (x_refsource_OSVDB, vdb-entry)
- cret@cert.org (US Government Resource, x_refsource_MISC)
- cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)