Man-in-the-Middle Vulnerability in SCALANCE Switch Families by Siemens
CVE-2020-28391

5.9 MEDIUM

Summary

A vulnerability in the SCALANCE X-200 switch family and its variants affects devices running outdated firmware versions. On factory reset, these devices generate a new unique encryption key, unless they are paired with C-PLUG. In that case, they fall back to a hardcoded private RSA key that is included with the original firmware. This flaw exposes the devices to man-in-the-middle attacks, allowing attackers to intercept and decrypt previously captured network traffic and thereby compromise secure communications.

Affected Version(s)

SCALANCE X-200 switch family (incl. SIPLUS NET variants) All versions < V5.2.5

SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) All versions < V5.5.0

SCALANCE X-200RNA switch family All versions < V3.2.7

CVSS V3.1

Score: 5.9
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
