Denial-of-Service Vulnerability in SCALANCE Devices by Siemens
CVE-2019-10927

6.5MEDIUM

Key Information:

Vendor: Siemens Ag
Status: Scalance Sc-600; Scalance Xb-200; Scalance Xc-200; Scalance Xf-200ba
Vendor: CVE Published:; 13 August 2019

Summary

A vulnerability exists in several SCALANCE devices where an authenticated attacker with network access to port 22/tcp can trigger a Denial-of-Service (DoS) condition. This flaw allows the attacker to impact the device's availability without the need for user interaction. The affected models include SCALANCE SC-600, XB-200, XC-200, XF-200BA, XP-200, and XR-300WG. Mitigation steps should be taken to secure these devices against possible exploitation.

Affected Version(s)

SCALANCE SC-600 V2.0

SCALANCE XB-200 V4.1

SCALANCE XC-200 V4.1

References

https://cert-portal.siemens.com/productcert/pdf/ssa-67128...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 13, 2019
Vulnerability Reserved
Apr 8, 2019