Authentication Bypass in Siemens Scalance W7xx Devices
CVE-2013-4652

Currently unrated

Key Information:

Vendor: Siemens
Status: Scalance W700 Series Firmware; Scalance W744-1; Scalance W744-1pro; Scalance W746-1
Vendor: CVE Published:; 1 August 2013

Summary

An unspecified vulnerability in the command-line management interface of Siemens Scalance W7xx devices allows unauthorized access. Attackers can exploit this flaw through SSH or TELNET connections, bypassing authentication mechanisms. This poses significant risks, enabling them to execute arbitrary code remotely, potentially compromising the integrity and confidentiality of the affected systems. Users are advised to ensure their devices are updated to firmware version 4.5.4 or later to mitigate this vulnerability.

References

http://www.siemens.com/corporate-technology/pool/de/forsc...

x_refsource_CONFIRM

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 1, 2013