Weak SSH Cipher Configuration in SCALANCE X200 and X201 Series by Siemens

CVE-2023-29054

What is CVE-2023-29054?

A vulnerability exists in multiple models of the SCALANCE series by Siemens, where the SSH server is improperly configured to use weak cryptographic ciphers by default. This misconfiguration poses a significant risk as it potentially allows unauthorized attackers to intercept and modify data between legitimate clients and the affected devices, facilitating man-in-the-middle attacks. Users are advised to upgrade to version V5.5.2 or later to mitigate these risks. For detailed information, please refer to the official Siemens advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References