Siemens Scalance Xr-300wg Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Siemens Scalance Xr-300wg Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2022-36323 — CVSS 9.1 (critical): Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges…
CVE-2019-13933 — CVSS 8.6 (high): A vulnerability has been identified in SCALANCE X204RNA (HSR), SCALANCE X204RNA (PRP), SCALANCE X204RNA EEC (HSR), SCALANCE X204RNA EEC…
CVE-2022-36324 — CVSS 7.5 (high): Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to…
CVE-2019-13946 — CVSS 7.5 (high): Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic…
CVE-2019-19301 — CVSS 7.5 (high): A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE…
CVE-2020-28400 — CVSS 7.5 (high): Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The…
CVE-2022-36325 — CVSS 6.8 (medium): Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated…
CVE-2019-10927 — CVSS 6.5 (medium): A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1)…
CVE-2021-3449 — CVSS 5.9 (medium): An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation…
CVE-2019-13924 — CVSS 5.4 (medium): A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versions < V4.1), SCALANCE S623 (All…