Siemens Scalance_xr324-12m_firmware
14 CVEs affecting Siemens Scalance_xr324-12m_firmware. Latest disclosed: 2022-08-10. Critical: 2, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-25752 | Critical | 9.8 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2022-36323 | Critical | 9.1 | 2022-08-10 | Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or s… |
CVE-2022-25754 | High | 8.8 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2022-25753 | High | 8.8 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2022-36324 | High | 7.5 | 2022-08-10 | Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute fo… |
CVE-2022-26380 | High | 7.5 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2022-26335 | High | 7.5 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2022-26334 | High | 7.5 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2022-25755 | High | 7.5 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2022-25751 | High | 7.5 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2020-28400 | High | 7.5 | 2021-07-13 | Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered i… |
CVE-2022-36325 | Medium | 6.8 | 2022-08-10 | Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with a… |
CVE-2022-25756 | Medium | 6.1 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
CVE-2020-28395 | Medium | 5.9 | 2021-01-12 | A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variant… |