Vulnerabilities > Siemens > Siplus NET Scalance Xc216 4C Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-44317 | Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in Siemens products Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device. | 7.2 |
| 2022-12-13 | CVE-2022-46140 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products Affected devices use a weak encryption scheme to encrypt the debug zip file. | 6.5 |
| 2022-12-13 | CVE-2022-46142 | Storing Passwords in a Recoverable Format vulnerability in Siemens products Affected devices store the CLI user passwords encrypted in flash memory. | 5.7 |
| 2022-12-13 | CVE-2022-46143 | Improper Validation of Specified Quantity in Input vulnerability in Siemens products Affected devices do not check the TFTP blocksize correctly. | 2.7 |