PT-2022-3539 · Siemens · Scalance X310+14

Published

2022-04-12

·

Updated

2022-04-19

·

CVE-2022-25752

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions SCALANCE X302-7 EEC (230V) SCALANCE X302-7 EEC (230V, coated) SCALANCE X302-7 EEC (24V) SCALANCE X302-7 EEC (24V, coated) SCALANCE X302-7 EEC (2x 230V) SCALANCE X302-7 EEC (2x 230V, coated) SCALANCE X302-7 EEC (2x 24V) SCALANCE X302-7 EEC (2x 24V, coated) SCALANCE X304-2FE SCALANCE X306-1LD FE SCALANCE X307-2 EEC (230V) SCALANCE X307-2 EEC (230V, coated) SCALANCE X307-2 EEC (24V) SCALANCE X307-2 EEC (24V, coated) SCALANCE X307-2 EEC (2x 230V) SCALANCE X307-2 EEC (2x 230V, coated) SCALANCE X307-2 EEC (2x 24V) SCALANCE X307-2 EEC (2x 24V, coated) SCALANCE X307-3 SCALANCE X307-3LD SCALANCE X308-2 SCALANCE X308-2LD SCALANCE X308-2LH SCALANCE X308-2LH+ SCALANCE X308-2M SCALANCE X308-2M PoE SCALANCE X308-2M TS SCALANCE X310 SCALANCE X310FE SCALANCE X320-1 FE SCALANCE X408-2 SCALANCE XR324-12M (230V, ports on front) SCALANCE XR324-12M (230V, ports on rear) SCALANCE XR324-12M (24V, ports on front) SCALANCE XR324-12M (24V, ports on rear) SCALANCE XR324-12M TS (24V) SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) SCALANCE XR324-4M EEC (24V, ports on front) SCALANCE XR324-4M EEC (24V, ports on rear) SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) SCALANCE XR324-4M EEC (2x 24V, ports on front) SCALANCE XR324-4M EEC (2x 24V, ports on rear) SCALANCE XR324-4M PoE (230V, ports on front) SCALANCE XR324-4M PoE (230V, ports on rear) SCALANCE XR324-4M PoE (24V, ports on front) SCALANCE XR324-4M PoE (24V, ports on rear) SCALANCE XR324-4M PoE TS (24V, ports on front) SIPLUS NET SCALANCE X308-2
Description The web server of affected devices calculates session IDs and nonces in an insecure manner, allowing an unauthenticated remote attacker to brute-force session IDs and hijack existing sessions. This issue is related to the use of insufficiently random values. Exploitation of the vulnerability may allow a remote attacker to elevate their privileges.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of Insufficiently Random Values

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-330

Related Identifiers

BDU:2022-04322
CVE-2022-25752

Affected Products

Scalance X302-7 Eec
Scalance X304-2Fe
Scalance X306-1Ld Fe
Scalance X307-2 Eec
Scalance X307-3Ld
Scalance X308-2
Scalance X308-2M
Scalance X308-2M Poe
Scalance X310
Scalance X320-1 Fe
Scalance X408-2
Scalance Xr324-12M
Scalance Xr324-4M Eec
Scalance Xr324-4M Poe
Siplus Net Scalance X308-2