Siemens SCALANCE X-200IRT man-in-the-middle | CVE-2023-2905

NAME
__________
Siemens SCALANCE X-200IRT man-in-the-middle

Platforms Affected:
Siemens SCALANCE X200-4P IRT
Siemens SCALANCE X201-3P IRT
Siemens SCALANCE X201-3P IRT PRO
Siemens SCALANCE X202-2IRT
Siemens SCALANCE X202-2P IRT
Siemens SCALANCE X202-2P IRT PRO
Siemens SCALANCE X204IRT
Siemens SCALANCE XF204-2BA IRT
Siemens SIPLUS NET SCALANCE X202-2P IRT

Risk Level:
6.7

Exploitability:
Unproven

Consequences:
Obtain Information

DESCRIPTION
__________

Siemens SCALANCE X-200IRT is vulnerable to a man-in-the-middle attack, caused by using weak ciphers by default. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information.

CVSS 3.0 Information
__________

Privileges Required:
None

User Interaction:
Required

Scope:
Unchanged

Access Vector:
Adjacent Network


 


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

 To keep up to date follow us on the below channels.

join
Telegram
discord
Discord
reddit
Reddit
linkedin
LinkedIn