Weak Random Number Generation in Siemens SCALANCE X-200 Switches
CVE-2013-5709

Currently unrated

Key Information:

Vendor

Siemens
Status
Scalance X-200 Series Firmware
Scalance X-200
Scalance X-200rna
Scalance X200-4p Irt
Vendor
CVE Published:
17 September 2013

What is CVE-2013-5709?

The authentication mechanism implemented in the web server of Siemens SCALANCE X-200 switches with firmware versions prior to 5.0.0 is inadequately designed, as it fails to use a robust source of entropy for generating random numbers. This shortcoming enables malicious actors to predict random values more easily, leading to the potential hijacking of active sessions. Organizations using affected devices should prioritize updating their firmware to mitigate these security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.siemens.com/corporate-technology/pool/de/forsc...
x_refsource_CONFIRM
http://ics-cert.us-cert.gov/advisories/ICSA-13-254-01
x_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/ssa-85070...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.