) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:siemens:scalance_xc206-2g_poe_firmware:-:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-44317 |
Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device. Published: November 14, 2023; 6:15:12 AM -0500 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available) |
| CVE-2022-46143 |
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. Published: December 13, 2022; 11:15:25 AM -0500 |
V4.0:(not available) V3.1: 2.7 LOW V2.0:(not available) |
| CVE-2022-46142 |
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. Published: December 13, 2022; 11:15:25 AM -0500 |
V4.0:(not available) V3.1: 5.7 MEDIUM V2.0:(not available) |
| CVE-2022-46140 |
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system. Published: December 13, 2022; 11:15:25 AM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |