Product:

Scalance_xr\-300wg_firmware

(Siemens)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2021-03-25 CVE-2021-3449 An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default... Multi\-Domain_management_firmware, Quantum_security_gateway_firmware, Quantum_security_management_firmware, Debian_linux, Fedora, Freebsd, Web_gateway, Web_gateway_cloud_service, Active_iq_unified_manager, Cloud_volumes_ontap_mediator, E\-Series_performance_analyzer, Oncommand_insight, Oncommand_workflow_automation, Ontap_select_deploy_administration_utility, Santricity_smi\-S_provider, Snapcenter, Storagegrid, Openssl, Essbase, Graalvm, Jd_edwards_enterpriseone_tools, Jd_edwards_world_security, Mysql_connectors, Mysql_server, Mysql_workbench, Peoplesoft_enterprise_peopletools, Secure_backup, Secure_global_desktop, Zfs_storage_appliance_kit, Ruggedcom_rcm1224_firmware, Scalance_lpe9403_firmware, Scalance_m\-800_firmware, Scalance_s602_firmware, Scalance_s612_firmware, Scalance_s615_firmware, Scalance_s623_firmware, Scalance_s627\-2m_firmware, Scalance_sc\-600_firmware, Scalance_w1700_firmware, Scalance_w700_firmware, Scalance_xb\-200_firmware, Scalance_xc\-200_firmware, Scalance_xf\-200ba_firmware, Scalance_xm\-400_firmware, Scalance_xp\-200_firmware, Scalance_xr524\-8c_firmware, Scalance_xr526\-8c_firmware, Scalance_xr528\-6m_firmware, Scalance_xr552\-12_firmware, Scalance_xr\-300wg_firmware, Simatic_cloud_connect_7_firmware, Simatic_cp_1242\-7_gprs_v2_firmware, Simatic_hmi_basic_panels_2nd_generation_firmware, Simatic_hmi_comfort_outdoor_panels_firmware, Simatic_hmi_ktp_mobile_panels_firmware, Simatic_logon, Simatic_mv500_firmware, Simatic_net_cp1243\-7_lte_eu_firmware, Simatic_net_cp1243\-7_lte_us_firmware, Simatic_net_cp_1243\-1_firmware, Simatic_net_cp_1243\-8_irc_firmware, Simatic_net_cp_1542sp\-1_irc_firmware, Simatic_net_cp_1543\-1_firmware, Simatic_net_cp_1543sp\-1_firmware, Simatic_net_cp_1545\-1_firmware, Simatic_pcs_7_telecontrol_firmware, Simatic_pcs_neo_firmware, Simatic_pdm_firmware, Simatic_process_historian_opc_ua_server_firmware, Simatic_rf166c_firmware, Simatic_rf185c_firmware, Simatic_rf186c_firmware, Simatic_rf186ci_firmware, Simatic_rf188c_firmware, Simatic_rf188ci_firmware, Simatic_rf360r_firmware, Simatic_s7\-1200_cpu_1211c_firmware, Simatic_s7\-1200_cpu_1212c_firmware, Simatic_s7\-1200_cpu_1212fc_firmware, Simatic_s7\-1200_cpu_1214_fc_firmware, Simatic_s7\-1200_cpu_1214c_firmware, Simatic_s7\-1200_cpu_1215_fc_firmware, Simatic_s7\-1200_cpu_1215c_firmware, Simatic_s7\-1200_cpu_1217c_firmware, Simatic_s7\-1500_cpu_1518\-4_pn\/dp_mfp_firmware, Simatic_wincc_runtime_advanced, Simatic_wincc_telecontrol, Sinamics_connect_300_firmware, Sinec_infrastructure_network_services, Sinec_nms, Sinec_pni, Sinema_server, Sinumerik_opc_ua_server, Tia_administrator, Tim_1531_irc_firmware, Capture_client, Sma100_firmware, Sonicos, Log_correlation_engine, Nessus, Nessus_network_monitor, Tenable\.sc 5.9
2020-01-16 CVE-2019-13933 A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants), SCALANCE X204RNA (HSR), SCALANCE X204RNA (PRP), SCALANCE X204RNA EEC (HSR), SCALANCE X204RNA EEC (PRP), SCALANCE X204RNA EEC (PRP/HSR), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V,... Scalance_x204rna_firmware, Scalance_x408\-2_firmware, Scalance_x\-200rna_firmware, Scalance_x\-300_firmware, Scalance_xr\-300_firmware, Scalance_xr\-300wg_firmware, Siplus_net_csm_1277_firmware 8.6
2020-04-14 CVE-2019-19301 A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC... Scalance_x\-200irt_firmware, Scalance_x\-200irt_pro_firmware, Scalance_x\-300_firmware, Scalance_xb\-200_firmware, Scalance_xc\-200_firmware, Scalance_xf\-200_firmware, Scalance_xp\-200_firmware, Scalance_xr\-300_firmware, Scalance_xr\-300wg_firmware, Simatic_cp_443\-1_advanced_firmware, Simatic_cp_443\-1_firmware, Simatic_rf180c_firmware, Simatic_rf182c_firmware 7.5
2020-02-11 CVE-2019-13946 Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user... Dk_standard_ethernet_controller, Ek\-Ertec_200_firmware, Ek\-Ertec_200p_firmware, Im_154\-3_pn_hf_firmware, Im_154\-4_pn_hf_firmware, Profinet_driver, Ruggedcom_rm1224_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w700_ieee_802\.11n_firmware, Scalance_x\-200irt_firmware, Scalance_x\-300_firmware, Scalance_x\-400_firmware, Scalance_xb\-200_firmware, Scalance_xc\-200_firmware, Scalance_xf\-200_firmware, Scalance_xf\-200ba_firmware, Scalance_xm\-400_firmware, Scalance_xp\-200_firmware, Scalance_xr524_firmware, Scalance_xr526_firmware, Scalance_xr528_firmware, Scalance_xr552_firmware, Scalance_xr\-300wg_firmware, Simatic_cp_1604_firmware, Simatic_cp_1616_firmware, Simatic_cp_343\-1_advanced_firmware, Simatic_cp_343\-1_erpc_firmware, Simatic_cp_343\-1_firmware, Simatic_cp_343\-1_lean_firmware, Simatic_cp_443\-1_advanced_firmware, Simatic_cp_443\-1_firmware, Simatic_cp_443\-1_opc_ua_firmware, Simatic_et200al_im_157\-1_pn_firmware, Simatic_et200ecopn_firmware, Simatic_et200m_im153\-4_pn_io_hf_firmware, Simatic_et200m_im153\-4_pn_io_st_firmware, Simatic_et200mp_im155\-5_pn_hf_firmware, Simatic_et200mp_im155\-5_pn_st_firmware, Simatic_et200pro_firmware, Simatic_et200s_firmware, Simatic_et200sp_im155\-6_pn_basic_firmware, Simatic_et200sp_im155\-6_pn_hf_firmware, Simatic_et200sp_im155\-6_pn_st_firmware, Simatic_ipc_support, Simatic_mv420_firmware, Simatic_mv440_firmware, Simatic_pn\/pn_coupler_firmware, Simatic_rf180c_firmware, Simatic_rf182c_firmware, Simatic_rf600_firmware, Sinamics_dcp_firmware 7.5
2021-07-13 CVE-2020-28400 Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Dk_standard_ethernet_controller_evaluation_kit_firmware, Ek\-Ertec_200_evaulation_kit_firmware, Ek\-Ertec_200p_evaluation_kit_firmware, Ruggedcom_rm1224_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w1700_firmware, Scalance_w700_firmware, Scalance_x200\-4_p_irt_firmware, Scalance_x201\-3p_irt_firmware, Scalance_x201\-3p_irt_pro_firmware, Scalance_x202\-2_irt_firmware, Scalance_x202\-2p_irt_pro_firmware, Scalance_x204\-2_firmware, Scalance_x204\-2fm_firmware, Scalance_x204\-2ld_firmware, Scalance_x204\-2ld_ts_firmware, Scalance_x204\-2ts_firmware, Scalance_x204_irt_firmware, Scalance_x204_irt_pro_firmware, Scalance_x206\-1_firmware, Scalance_x206\-1ld_firmware, Scalance_x208_firmware, Scalance_x208pro_firmware, Scalance_x212\-2_firmware, Scalance_x212\-2ld_firmware, Scalance_x216_firmware, Scalance_x224_firmware, Scalance_x302\-7eec_firmware, Scalance_x304\-2fe_firmware, Scalance_x306\-1ldfe_firmware, Scalance_x307\-2eec_firmware, Scalance_x307\-3_firmware, Scalance_x307\-3ld_firmware, Scalance_x308\-2_firmware, Scalance_x308\-2ld_firmware, Scalance_x308\-2lh\+_firmware, Scalance_x308\-2lh_firmware, Scalance_x308\-2m_firmware, Scalance_x308\-2m_poe_firmware, Scalance_x308\-2m_ts_firmware, Scalance_x310_firmware, Scalance_x310fe_firmware, Scalance_x320\-1fe_firmware, Scalance_x320\-3ldfe_firmware, Scalance_xb\-200_firmware, Scalance_xc\-200_firmware, Scalance_xf201\-3p_irt_firmware, Scalance_xf202\-2p_irt_firmware, Scalance_xf204\-2_firmware, Scalance_xf204\-2ba_irt_firmware, Scalance_xf204_firmware, Scalance_xf204_irt_firmware, Scalance_xf206\-1_firmware, Scalance_xf208_firmware, Scalance_xf\-200ba_firmware, Scalance_xm400_firmware, Scalance_xp\-200_firmware, Scalance_xr324\-12m_firmware, Scalance_xr324\-12m_ts_firmware, Scalance_xr324\-4m_eec_firmware, Scalance_xr324\-4m_poe_firmware, Scalance_xr324\-4m_poe_ts_firmware, Scalance_xr500_firmware, Scalance_xr\-300wg_firmware, Simatic_cfu_pa_firmware, Simatic_ie\/pb\-Link_v3_firmware, Simatic_mv500_firmware, Simatic_net_cm_1542\-1_firmware, Simatic_net_cp1604_firmware, Simatic_net_cp1616_firmware, Simatic_net_cp1626_firmware, Simatic_net_dk\-16xx_pn_io, Simatic_power_line_booster_plb_firmware, Simatic_profinet_driver_firmware, Simatic_s7\-1200_firmware, Simocode_prov_ethernet\/ip_firmware, Simocode_prov_profinet_firmware, Softnet\-Ie_pnio_firmware 7.5
2019-08-13 CVE-2019-10927 A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability.... Scalance_xb\-200_firmware, Scalance_xc\-200_firmware, Scalance_xf\-200ba_firmware, Scalance_xp\-200_firmware, Scalance_xr\-300wg_firmware 6.5
2020-02-11 CVE-2019-13924 A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versions < V4.1), SCALANCE S623 (All versions < V4.1), SCALANCE S627-2M (All versions < V4.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (all versions < 5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (all versions < 4.1.3). The device does not send the X-Frame-Option Header... Scalance_x\-200irt_firmware, Scalance_x\-300_firmware, Scalance_xb\-200_firmware, Scalance_xc\-200_firmware, Scalance_xf\-200_firmware, Scalance_xp\-200_firmware, Scalance_xr\-300_firmware, Scalance_xr\-300wg_firmware 5.4