Siemens Scalance Xc206-2 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Siemens Scalance Xc206-2 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2020-15800 — CVSS 9.8 (critical): A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT…
CVE-2020-25226 — CVSS 9.8 (critical): A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT…
CVE-2022-36323 — CVSS 9.1 (critical): Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges…
CVE-2022-36324 — CVSS 7.5 (high): Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to…
CVE-2022-36325 — CVSS 6.8 (medium): Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated…
CVE-2020-15799 — CVSS 6.5 (medium): A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT…
CVE-2022-46140 — CVSS 6.5 (medium): Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the…
CVE-2020-28391 — CVSS 5.9 (medium): A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT…
CVE-2022-46142 — CVSS 5.7 (medium): Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the…
CVE-2022-46143 — CVSS 2.7 (low): Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer…