Vulnerabilities > Siemens > Scalance Xc206 2Sfp G Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-44317 | Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in Siemens products A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions), SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) (All versions), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions), SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) (All versions), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-2AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions), SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) (All versions), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions), SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) (All versions). | 7.2 |
| 2022-12-13 | CVE-2022-46140 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products Affected devices use a weak encryption scheme to encrypt the debug zip file. | 6.5 |
| 2022-12-13 | CVE-2022-46142 | Storing Passwords in a Recoverable Format vulnerability in Siemens products Affected devices store the CLI user passwords encrypted in flash memory. | 5.7 |
| 2022-12-13 | CVE-2022-46143 | Improper Validation of Specified Quantity in Input vulnerability in Siemens products Affected devices do not check the TFTP blocksize correctly. | 2.7 |
| 2022-08-10 | CVE-2022-36323 | Unspecified vulnerability in Siemens products Affected devices do not properly sanitize an input field. | 9.1 |
| 2022-08-10 | CVE-2022-36324 | Allocation of Resources Without Limits or Throttling vulnerability in Siemens products Affected devices do not properly handle the renegotiation of SSL/TLS parameters. | 7.5 |
| 2022-08-10 | CVE-2022-36325 | Unspecified vulnerability in Siemens products Affected devices do not properly sanitize data introduced by an user when rendering the web interface. | 4.8 |
| 2021-01-12 | CVE-2020-28391 | Use of Hard-coded Cryptographic Key vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 5.9 |
| 2021-01-12 | CVE-2020-25226 | Heap-based Buffer Overflow vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 9.8 |
| 2021-01-12 | CVE-2020-15800 | Heap-based Buffer Overflow vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 9.8 |