CVE-2020-28391 — MEDIUM (5.9)

Q: How severe is CVE-2020-28391?

CVE-2020-28391 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-28391?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Scalance X200-4Pirt Firmware, Siemens Scalance X200-4Pirt, Siemens Scalance X201-3Pirt Firmware, Siemens Scalance X201-3Pirt, Siemens Scalance X202-2Irt Firmware.

Vulnerability Description

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Siemens	Scalance X200-4Pirt Firmware	< 5.5.0
Siemens	Scalance X200-4Pirt	-
Siemens	Scalance X201-3Pirt Firmware	< 5.5.0
Siemens	Scalance X201-3Pirt	-
Siemens	Scalance X202-2Irt Firmware	< 5.5.0
Siemens	Scalance X202-2Irt	-
Siemens	Scalance X202-2Pirt Firmware	< 5.5.0
Siemens	Scalance X202-2Pirt	-
Siemens	Scalance X202-2Pirt Siplus Net Firmware	< 5.5.0
Siemens	Scalance X202-2Pirt Siplus Net	-
Siemens	Scalance X204Irt Firmware	< 5.5.0
Siemens	Scalance X204Irt	-
Siemens	Scalance X307-3 Firmware	All versions
Siemens	Scalance X307-3	-
Siemens	Scalance X307-3Ld Firmware	All versions
Siemens	Scalance X307-3Ld	-
Siemens	Scalance X308-2 Firmware	All versions
Siemens	Scalance X308-2	-
Siemens	Scalance X308-2Ld Firmware	All versions
Siemens	Scalance X308-2Ld	-

Related Weaknesses (CWE)

CWE-321 CWE-798

References

https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdfVendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02Third Party AdvisoryUS Government ResourceVendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdfVendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02Third Party AdvisoryUS Government ResourceVendor Advisory

FAQ

What is CVE-2020-28391?

CVE-2020-28391 is a vulnerability with a CVSS score of 5.9 (MEDIUM). A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5....

How severe is CVE-2020-28391?

CVE-2020-28391 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-28391?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Scalance X200-4Pirt Firmware, Siemens Scalance X200-4Pirt, Siemens Scalance X201-3Pirt Firmware, Siemens Scalance X201-3Pirt, Siemens Scalance X202-2Irt Firmware.