SSA-646841 (Last Update: 2020-01-14): Recoverable Password from Configuration Storage in SCALANCE X Switches


2020-01-14 00:00:00 UTC


A vulnerability exists in several SCALANCE X switches that could allow external entities to reconstruct passwords for users of the affected devices if an attacker is able to obtain a backup of the device configuration.

Siemens has released updates for some of the affected devices and is working on updates for the remaining affected products and recommends specific countermeasures until fixes are available.