Session ID Hijacking in Siemens SCALANCE X302-7 and X308-2 Products
CVE-2022-25752

9.8CRITICAL

Key Information:

Vendor: Siemens
Status: Scalance X302-7 Eec (230v); Scalance X302-7 Eec (230v, Coated); Scalance X302-7 Eec (24v); Scalance X302-7 Eec (24v, Coated)
Vendor: CVE Published:; 12 April 2022

Summary

A vulnerability in various Siemens SCALANCE devices allows an unauthenticated remote attacker to exploit the insecure calculation of session IDs and nonces by the web server. This flaw enables attackers to brute-force valid session IDs, potentially leading to unauthorized access and session hijacking.

Affected Version(s)

SCALANCE X302-7 EEC (230V, coated) All versions < V4.1.4

SCALANCE X302-7 EEC (230V) All versions < V4.1.4

SCALANCE X302-7 EEC (24V, coated) All versions < V4.1.4

References

https://cert-portal.siemens.com/productcert/pdf/ssa-83652...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 12, 2022
Vulnerability Reserved
Feb 22, 2022