A vulnerability has been identified in SCALANCE X-200 (All Versions < V5.2.4), SCALANCE X-200IRT (All versions), SCALANCE X-300 (All versions), SCALANCE X-414-3E (All versions). The affected devices store passwords in a recoverable format. An attacker may extract and recover device passwords from the device configuration. Successful exploitation requires access to a device configuration backup and impacts confidentiality of the stored passwords. At the time of advisory publication no public exploitation of this security vulnerability was known.

Published : 2019-06-12 14:29 Updated : 2019-10-09 23:51

CVSS Score More info
Score 2.1 / 10
Vendor Product Version URI
Siemens Scalance X-200irt Firmware cpe:/o:siemens:scalance_x-200irt_firmware
Siemens Scalance X-300 Firmware cpe:/o:siemens:scalance_x-300_firmware
Siemens Scalance X-414-3e Firmware cpe:/o:siemens:scalance_x-414-3e_firmware
  1. Siemens (3) Search CVE
    1. Scalance X-414-3e Firmware (1) Search CVE
    2. Scalance X-200irt Firmware (1) Search CVE
    3. Scalance X-300 Firmware (1) Search CVE


ID Name Description Links
CWE-255 Credentials Management Weaknesses in this category are related to the management of credentials. CVE

History of changes

Date Event
2019-06-19 16:01
2019-06-12 14:29