Vulnerabilities > CVE-2013-4651 - Credentials Management vulnerability in Siemens products
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
COMPLETE Summary
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | Siemens Scalance W-700系列内置SSL证书欺骗漏洞 CNVD-ID CNVD-2013-11278 CVE-ID: CVE-2013-4651 在关于担保的管理 web 界面和命令行管理界面中的身份验证旁路硬编码的 SSL 证书的西门子 Scalance W7xx (IEEE 802.11a/b/g) 产品系列。Siemens Scalance W-700 Series是西门子开发的工业无线交换机设备。 Siemens Scalance W-700系列设备设备内置的SSL证书,不能通过管理接口来更换该证书,允许攻击者通过中间人攻击获取敏感信息。 如下固件版本 < v4.5.4的支持IEEE 802.11a/b/g的设备受此漏洞影响: ``` SCALANCE W744-1, W746-1, W747-1 SCALANCE W744-1PRO, W746-1PRO, W747-1RR SCALANCE W784-1, W784-1RR SCALANCE W786-1PRO, W786-2PRO, W786-3PRO, W786-2RR SCALANCE W788-1PRO, W788-2PRO, W788-1RR, W788-2RR ``` Siemens Scalance W7xx V4.5.4固件已经修复此漏洞,建议用户下载更新: http://support.automation.siemens.com/WW/view/en/77427398 |
| id | SSV:89662 |
| last seen | 2017-11-19 |
| modified | 2015-10-10 |
| published | 2015-10-10 |
| reporter | 尧之 |
| title | Siemens Scalance W-700 系列设备SSL证书欺骗漏洞 |