SNMP Credential Flaw in SCALANCE X-200 Switches by Siemens
CVE-2013-3634

Currently unrated

Key Information:

Vendor: Siemens
Status: Scalance X200irt Firmware; Scalance X200-4p Irt; Scalance X201-3p Irt; Scalance X202-2irt
Vendor: CVE Published:; 24 May 2013

Summary

A security flaw exists in the SNMPv3 implementation of SCALANCE X-200 switch families, including SIPLUS NET variants, allowing attackers to execute SNMP commands without the need for valid user credentials. This could lead to unauthorized control over network devices, potentially exposing sensitive data and compromising network integrity. The affected versions include SCALANCE X-200 (V < 5.0.0) and SCALANCE X-200IRT (V < 5.1.0). Organizations using these devices should implement immediate updates to mitigate potential risks.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-17068...

x_refsource_MISC

Timeline

Vulnerability published
May 24, 2013
Vulnerability Reserved
May 22, 2013