PT-2022-3541 · Siemens · Scalance X307-2+12

Published: 2022-04-12 · Updated: 2022-04-19 · CVE-2022-25754

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

SCALANCE X302-7 versions (230V), (230V, coated), (24V), (24V, coated), (2x 230V), (2x 230V, coated), (2x 24V), (2x 24V, coated)
SCALANCE X304-2FE
SCALANCE X306-1LD FE
SCALANCE X307-2 versions (230V), (230V, coated), (24V), (24V, coated), (2x 230V), (2x 230V, coated), (2x 24V), (2x 24V, coated)
SCALANCE X307-3
SCALANCE X307-3LD
SCALANCE X308-2 versions including LD, LH, LH+, M, M PoE, M TS
SCALANCE X310
SCALANCE X310FE
SCALANCE X320-1 FE
SCALANCE X320-1-2LD FE
SCALANCE X408-2
SCALANCE XR324-12M versions (230V, ports on front), (230V, ports on rear), (24V, ports on front), (24V, ports on rear), TS (24V)
SCALANCE XR324-4M versions including EEC (100-240VAC/60-250VDC, ports on front), EEC (100-240VAC/60-250VDC, ports on rear), EEC (24V, ports on front), EEC (24V, ports on rear), EEC (2x 100-240VAC/60-250VDC, ports on front), EEC (2x 100-240VAC/60-250VDC, ports on rear), EEC (2x 24V, ports on front), EEC (2x 24V, ports on rear), PoE (230V, ports on front), PoE (230V, ports on rear), PoE (24V, ports on front), PoE (24V, ports on rear), PoE TS (24V, ports on front)
SIPLUS NET SCALANCE X308-2
Description

The integrated web server of the affected devices could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request. This issue is related to cross-site request forgery (CSRF).

Recommendations

As a temporary workaround, consider disabling the integrated web server of the affected devices until a patch is available. Restrict access to the web server to minimize the risk of exploitation. Avoid using the web server for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

CSRF

Weakness Enumeration

Related Identifiers

BDU:2022-04324
CVE-2022-25754

Affected Products

Scalance X302-7
Scalance X304-2Fe
Scalance X306-1Ld Fe
Scalance X307-2
Scalance X307-3Ld
Scalance X308-2
Scalance X310
Scalance X320-1 Fe
Scalance X320-1-2Ld Fe
Scalance X408-2
Scalance Xr324-12M
Scalance Xr324-4M
Siplus Net Scalance X308-2