SSA-431802 (Last Update: 2020-11-10): Multiple Vulnerabilities in SCALANCE W1750D

Published

2020-11-10 00:00:00 UTC

Summary

Siemens SCALANCE W1750D is a brandlabled device. Aruba has released a related security advisory (ARUBA-PSA-2016-004) [0] disclosing vulnerabilities in its Aruba Instant product line. The advisory contains multiple related vulnerabilities that are summarized in CVE-2016-2031.

This advisory is a reminder to customers that the PAPI protocol is not a secure protocol and that some device configurations must be taken to mitigate risks. Although this information was previously disclosed, an impending public disclosure by the Google Security Team (focused on Aruba Instant) will call out the vulnerable details of this protocol and bring it to the attention of the attacker community.

Siemens recommends specific countermeasures until fixes are available.

[0] https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-004.txt