Siemens SCALANCE X-200 Authentication Bypass

critical Nessus Plugin ID 70530

Synopsis

The remote device is affected by an authentication bypass vulnerability.

Description

According to the self-reported version of the remote SCALANCE device, it is affected by an unspecified vulnerability that could allow an attacker to execute administrative functions on the device without authentication.

Solution

For non-IRT devices, upgrade to firmware version 4.5.0 or later. For IRT devices, upgrade to firmware version 5.1.0 or later.

See Also

http://www.nessus.org/u?ff64ee3a

Plugin Details

Severity: Critical

ID: 70530

File Name: scada_siemens_scalance_x200_auth_bypass.nbin

Version: 1.69

Type: remote

Family: SCADA

Published: 10/21/2013

Updated: 5/20/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:siemens:scalance_x-200_series_firmware

Exploit Ease: No known exploits are available

Patch Publication Date: 9/4/2013

Vulnerability Publication Date: 10/1/2013

Reference Information

CVE: CVE-2013-5944

BID: 62762

ICSA: 13-274-01