Headline
CVE-2020-28391
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG, the devices use the hardcoded private RSA key shipped with the firmware image. An attacker could leverage this to mount a man-in-the-middle attack and decrypt previously captured traffic.