SSA-176087 (Last Update: 2020-02-10): Unauthenticated Access to Critical Services in SCALANCE X-200 Switch Family

Published

2020-02-10 00:00:00 UTC

Summary

A potential vulnerability was discovered in the web server authentication of SCALANCE X-200 and X-200IRT switches that might allow attackers to perform administrative operations over the network without authentication. This issue only applies to switches using older firmware versions and has been fixed from firmware V4.5.0 (non-IRT) and V5.1.0 (IRT) on.

Siemens recommends upgrading to the current firmware versions V5.0.1 (non-IRT) and V5.1.2 (IRT).