CVE-2023-44317

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:scalance_xb208_\(e\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb208_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:scalance_xb208_\(pn\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb208_\(pn\):-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:scalance_xb216_\(e\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb216_\(e\/ip\):-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:scalance_xb216_\(pn\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb216_\(pn\):-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2_\(sc\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2_\(sc\):-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2_\(st\/bfoc\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2_\(st\/bfoc\):-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2g_poe_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2g_poe:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2g_poe_\(54_v_dc\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2g_poe_\(54_v_dc\):-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2g_poe_eec_\(54_v_dc\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2g_poe_eec_\(54_v_dc\):-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp_eec:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp_g:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_g_\(eip_def.\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp_g_\(eip_def.\):-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:siemens:scalance_xc206-2sfp_g_eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc206-2sfp_g_eec:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:siemens:scalance_xc208_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:siemens:scalance_xc208eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208eec:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:siemens:scalance_xc208g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:siemens:scalance_xc208g_\(eip_def.\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g_\(eip_def.\):-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:siemens:scalance_xc208g_eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g_eec:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:siemens:scalance_xc208g_poe_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g_poe:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:siemens:scalance_xc208g_poe_\(54_v_dc\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc208g_poe_\(54_v_dc\):-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:siemens:scalance_xc216_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:siemens:scalance_xc216-3g_poe_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-3g_poe:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:siemens:scalance_xc216-3g_poe_\(54_v_dc\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-3g_poe_\(54_v_dc\):-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:siemens:scalance_xc216-4c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-4c:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:siemens:scalance_xc216-4c_g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-4c_g:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:siemens:scalance_xc216-4c_g_\(eip_def.\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-4c_g_\(eip_def.\):-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:siemens:scalance_xc216-4c_g_eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216-4c_g_eec:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:siemens:scalance_xc216eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc216eec:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:siemens:scalance_xc224_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc224:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:siemens:scalance_xc224-4c_g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc224-4c_g:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:siemens:scalance_xc224-4c_g_\(eip_def.\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc224-4c_g_\(eip_def.\):-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:siemens:scalance_xc224-4c_g_eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xc224-4c_g_eec:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:siemens:scalance_xf204_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:siemens:scalance_xf204_dna_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204_dna:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:siemens:scalance_xf204-2ba_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204-2ba:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:siemens:scalance_xf204-2ba_dna_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xf204-2ba_dna:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:siemens:scalance_xp208_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp208:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:siemens:scalance_xp208_\(ethernet\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp208_\(ethernet\/ip\):-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:siemens:scalance_xp208eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp208eec:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:siemens:scalance_xp208poe_eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp208poe_eec:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:siemens:scalance_xp216_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp216:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:siemens:scalance_xp216_\(ethernet\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp216_\(ethernet\/ip\):-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:siemens:scalance_xp216eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp216eec:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND
cpe:2.3:o:siemens:scalance_xp216poe_eec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xp216poe_eec:-:*:*:*:*:*:*:*

Configuration 46 (hide)

AND
cpe:2.3:o:siemens:scalance_xr326-2c_poe_wg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr326-2c_poe_wg:-:*:*:*:*:*:*:*

Configuration 47 (hide)

AND
cpe:2.3:o:siemens:scalance_xr326-2c_poe_wg_\(without_ul\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr326-2c_poe_wg_\(without_ul\):-:*:*:*:*:*:*:*

Configuration 48 (hide)

AND
cpe:2.3:o:siemens:siplus_net_scalance_xc206-2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:siplus_net_scalance_xc206-2:-:*:*:*:*:*:*:*

Configuration 49 (hide)

AND
cpe:2.3:o:siemens:siplus_net_scalance_xc206-2sfp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:siplus_net_scalance_xc206-2sfp:-:*:*:*:*:*:*:*

Configuration 50 (hide)

AND
cpe:2.3:o:siemens:siplus_net_scalance_xc208_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:siplus_net_scalance_xc208:-:*:*:*:*:*:*:*

Configuration 51 (hide)

AND
cpe:2.3:o:siemens:siplus_net_scalance_xc216-4c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:siplus_net_scalance_xc216-4c:-:*:*:*:*:*:*:*

Configuration 52 (hide)

AND
cpe:2.3:o:siemens:scalance_xb205-3_\(sc\,_pn\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb205-3_\(sc\,_pn\):-:*:*:*:*:*:*:*

Configuration 53 (hide)

AND
cpe:2.3:o:siemens:scalance_xb205-3_\(st\,_e\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb205-3_\(st\,_e\/ip\):-:*:*:*:*:*:*:*

Configuration 54 (hide)

AND
cpe:2.3:o:siemens:scalance_xb205-3_\(st\,_pn\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb205-3_\(st\,_pn\):-:*:*:*:*:*:*:*

Configuration 55 (hide)

AND
cpe:2.3:o:siemens:scalance_xb205-3ld_\(sc\,_e\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb205-3ld_\(sc\,_e\/ip\):-:*:*:*:*:*:*:*

Configuration 56 (hide)

AND
cpe:2.3:o:siemens:scalance_xb205-3ld_\(sc\,_pn\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb205-3ld_\(sc\,_pn\):-:*:*:*:*:*:*:*

Configuration 57 (hide)

AND
cpe:2.3:o:siemens:scalance_xb213-3_\(sc\,_e\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb213-3_\(sc\,_e\/ip\):-:*:*:*:*:*:*:*

Configuration 58 (hide)

AND
cpe:2.3:o:siemens:scalance_xb213-3_\(sc\,_pn\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb213-3_\(sc\,_pn\):-:*:*:*:*:*:*:*

Configuration 59 (hide)

AND
cpe:2.3:o:siemens:scalance_xb213-3_\(st\,_e\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb213-3_\(st\,_e\/ip\):-:*:*:*:*:*:*:*

Configuration 60 (hide)

AND
cpe:2.3:o:siemens:scalance_xb213-3_\(st\,_pn\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb213-3_\(st\,_pn\):-:*:*:*:*:*:*:*

Configuration 61 (hide)

AND
cpe:2.3:o:siemens:scalance_xb213-3ld_\(sc\,_e\/ip\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb213-3ld_\(sc\,_e\/ip\):-:*:*:*:*:*:*:*

Configuration 62 (hide)

AND
cpe:2.3:o:siemens:scalance_xb213-3ld_\(sc\,_pn\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xb213-3ld_\(sc\,_pn\):-:*:*:*:*:*:*:*

Configuration 63 (hide)

AND
cpe:2.3:o:siemens:scalance_xr324wg_\(24_x_fe\,_ac_230v\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr324wg_\(24_x_fe\,_ac_230v\):-:*:*:*:*:*:*:*

Configuration 64 (hide)

AND
cpe:2.3:o:siemens:scalance_xr324wg_\(24_x_fe\,_dc_24v\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr324wg_\(24_x_fe\,_dc_24v\):-:*:*:*:*:*:*:*

Configuration 65 (hide)

AND
cpe:2.3:o:siemens:scalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\):-:*:*:*:*:*:*:*

Configuration 66 (hide)

AND
cpe:2.3:o:siemens:scalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\):-:*:*:*:*:*:*:*

Configuration 67 (hide)

AND
cpe:2.3:o:siemens:scalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\):-:*:*:*:*:*:*:*

Configuration 68 (hide)

AND
cpe:2.3:o:siemens:scalance_xr328-4c_wg_\(28xge\,_ac_230v\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr328-4c_wg_\(28xge\,_ac_230v\):-:*:*:*:*:*:*:*

Configuration 69 (hide)

AND
cpe:2.3:o:siemens:scalance_xr328-4c_wg_\(28xge\,_dc_24v\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_xr328-4c_wg_\(28xge\,_dc_24v\):-:*:*:*:*:*:*:*

History

14 Jan 2025, 11:15

Type Values Removed Values Added
Summary (en) A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions), SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) (All versions), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions), SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) (All versions), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-2AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions), SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) (All versions), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions), SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) (All versions). Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device. (en) A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.

Information

Published : 2023-11-14 11:15

Updated : 2025-01-14 11:15


NVD link : CVE-2023-44317

Mitre link : CVE-2023-44317

CVE.ORG link : CVE-2023-44317


JSON object : View

Products Affected

siemens

  • siplus_net_scalance_xc208
  • scalance_xb213-3_\(st\,_pn\)
  • scalance_xb205-3_\(st\,_e\/ip\)_firmware
  • scalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\)
  • scalance_xf204-2ba_dna_firmware
  • scalance_xc206-2g_poe_eec_\(54_v_dc\)_firmware
  • scalance_xc224-4c_g_eec
  • scalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\)_firmware
  • scalance_xr324wg_\(24_x_fe\,_ac_230v\)
  • scalance_xc216-4c_firmware
  • scalance_xc224-4c_g_eec_firmware
  • scalance_xb205-3_\(sc\,_pn\)
  • scalance_xb205-3ld_\(sc\,_pn\)_firmware
  • scalance_xc206-2sfp_g_\(eip_def.\)
  • scalance_xb213-3ld_\(sc\,_e\/ip\)_firmware
  • scalance_xc206-2g_poe_firmware
  • scalance_xc216-4c_g_eec_firmware
  • scalance_xb213-3_\(sc\,_e\/ip\)_firmware
  • scalance_xc206-2_\(st\/bfoc\)
  • scalance_xc216_firmware
  • scalance_xc206-2sfp
  • scalance_xc216-4c_g_\(eip_def.\)_firmware
  • scalance_xb208_\(pn\)_firmware
  • scalance_xp208eec_firmware
  • scalance_xc206-2_\(sc\)
  • scalance_xc208g
  • scalance_xb208_\(e\/ip\)_firmware
  • scalance_xc208eec_firmware
  • scalance_xr328-4c_wg_\(28xge\,_ac_230v\)
  • scalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\)
  • siplus_net_scalance_xc206-2sfp_firmware
  • scalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\)_firmware
  • scalance_xp208
  • scalance_xf204_firmware
  • scalance_xp208_\(ethernet\/ip\)_firmware
  • scalance_xb216_\(e\/ip\)_firmware
  • scalance_xp208eec
  • scalance_xb213-3ld_\(sc\,_pn\)
  • scalance_xb208_\(e\/ip\)
  • scalance_xb213-3_\(sc\,_e\/ip\)
  • scalance_xc216-4c_g_firmware
  • scalance_xp208_\(ethernet\/ip\)
  • scalance_xc224-4c_g_firmware
  • scalance_xb213-3_\(st\,_pn\)_firmware
  • scalance_xb216_\(pn\)
  • scalance_xr328-4c_wg_\(28xge\,_dc_24v\)
  • scalance_xr326-2c_poe_wg_\(without_ul\)
  • scalance_xf204-2ba_firmware
  • siplus_net_scalance_xc206-2
  • scalance_xr324wg_\(24_x_fe\,_ac_230v\)_firmware
  • scalance_xc206-2sfp_eec
  • scalance_xc216
  • scalance_xc216-4c_g
  • scalance_xp208poe_eec
  • scalance_xc206-2sfp_g_firmware
  • scalance_xr324wg_\(24_x_fe\,_dc_24v\)_firmware
  • siplus_net_scalance_xc208_firmware
  • scalance_xc208g_eec
  • scalance_xb213-3_\(st\,_e\/ip\)_firmware
  • scalance_xc208
  • scalance_xb213-3ld_\(sc\,_e\/ip\)
  • scalance_xb205-3ld_\(sc\,_e\/ip\)_firmware
  • scalance_xc216-4c_g_\(eip_def.\)
  • scalance_xc208g_poe
  • scalance_xc216-3g_poe_firmware
  • scalance_xc224-4c_g
  • scalance_xc206-2sfp_eec_firmware
  • scalance_xc206-2g_poe_\(54_v_dc\)
  • scalance_xc206-2sfp_g_eec_firmware
  • scalance_xc206-2g_poe_\(54_v_dc\)_firmware
  • scalance_xc208g_\(eip_def.\)
  • scalance_xc206-2sfp_g_\(eip_def.\)_firmware
  • siplus_net_scalance_xc206-2_firmware
  • scalance_xc206-2_\(sc\)_firmware
  • scalance_xc206-2sfp_firmware
  • siplus_net_scalance_xc216-4c
  • scalance_xb205-3_\(st\,_e\/ip\)
  • scalance_xc206-2g_poe_eec_\(54_v_dc\)
  • scalance_xc208g_eec_firmware
  • scalance_xp208poe_eec_firmware
  • scalance_xc206-2sfp_g_eec
  • scalance_xc224_firmware
  • scalance_xb205-3ld_\(sc\,_pn\)
  • scalance_xr326-2c_poe_wg_\(without_ul\)_firmware
  • scalance_xc216-3g_poe_\(54_v_dc\)_firmware
  • scalance_xc208g_poe_\(54_v_dc\)
  • scalance_xc216-4c_g_eec
  • scalance_xb205-3_\(st\,_pn\)
  • scalance_xb205-3_\(sc\,_pn\)_firmware
  • scalance_xb205-3_\(st\,_pn\)_firmware
  • scalance_xr326-2c_poe_wg
  • scalance_xb205-3ld_\(sc\,_e\/ip\)
  • scalance_xc224
  • scalance_xc216-3g_poe
  • scalance_xb216_\(e\/ip\)
  • scalance_xf204-2ba
  • scalance_xc224-4c_g_\(eip_def.\)
  • scalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\)
  • scalance_xb216_\(pn\)_firmware
  • scalance_xf204_dna_firmware
  • siplus_net_scalance_xc206-2sfp
  • scalance_xp216eec_firmware
  • scalance_xp208_firmware
  • scalance_xc206-2g_poe
  • scalance_xp216_\(ethernet\/ip\)_firmware
  • scalance_xf204
  • scalance_xc216eec
  • scalance_xc206-2sfp_g
  • scalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\)_firmware
  • scalance_xp216poe_eec
  • scalance_xc208_firmware
  • scalance_xc208g_firmware
  • scalance_xc216-4c
  • scalance_xc224-4c_g_\(eip_def.\)_firmware
  • siplus_net_scalance_xc216-4c_firmware
  • scalance_xf204-2ba_dna
  • scalance_xb213-3_\(sc\,_pn\)
  • scalance_xc208g_\(eip_def.\)_firmware
  • scalance_xp216eec
  • scalance_xc216eec_firmware
  • scalance_xb208_\(pn\)
  • scalance_xp216_firmware
  • scalance_xc206-2_\(st\/bfoc\)_firmware
  • scalance_xr326-2c_poe_wg_firmware
  • scalance_xr328-4c_wg_\(28xge\,_dc_24v\)_firmware
  • scalance_xc216-3g_poe_\(54_v_dc\)
  • scalance_xb213-3_\(st\,_e\/ip\)
  • scalance_xr324wg_\(24_x_fe\,_dc_24v\)
  • scalance_xc208eec
  • scalance_xp216
  • scalance_xc208g_poe_firmware
  • scalance_xc208g_poe_\(54_v_dc\)_firmware
  • scalance_xf204_dna
  • scalance_xb213-3_\(sc\,_pn\)_firmware
  • scalance_xb213-3ld_\(sc\,_pn\)_firmware
  • scalance_xr328-4c_wg_\(28xge\,_ac_230v\)_firmware
  • scalance_xp216poe_eec_firmware
  • scalance_xp216_\(ethernet\/ip\)
CWE
CWE-349

Acceptance of Extraneous Untrusted Data With Trusted Data