A vulnerability has been identified in SCALANCE X-200 (All versions), SCALANCE X-200IRT (All versions), SCALANCE X-200RNA (All versions). The device contains a vulnerability that could allow an attacker to trigger a denial-of-service condition by sending large message packages repeatedly to the telnet service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Published : 2019-08-13 19:15 Updated : 2019-10-09 23:45

CVSS Score More info
Score 5.0 / 10
Vendor Product Version URI
Siemens Scalance X-200 Firmware cpe:/o:siemens:scalance_x-200_firmware
Siemens Scalance X-200irt Firmware cpe:/o:siemens:scalance_x-200irt_firmware
Siemens Scalance X-200rna Firmware cpe:/o:siemens:scalance_x-200rna_firmware
  1. Siemens (3) Search CVE
    1. Scalance X-200 Firmware (1) Search CVE
    2. Scalance X-200irt Firmware (1) Search CVE
    3. Scalance X-200rna Firmware (1) Search CVE


ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes

Date Event
2019-08-22 15:38
2019-08-13 20:15
2019-08-13 19:15