CVE-2013-5709

HIGH

8.3

CVSS Severity Score

EPSS Score0.1830%

EPSS Percentile27.77th

PublishedSep 17, 2013

Last ModifiedApr 29, 2026

Vulnerability Description

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value.

Affected Platforms (CPE)

💻

Siemens

Scalance X 200 Series Firmware

<= 4.4

💻

Siemens

Scalance X 200 Series Firmware

= 4.3

🔌

Siemens

Scalance X 200

All versions

🔌

Siemens

Scalance X 200rna

All versions

🔌

Siemens

Scalance X200 4p Irt

All versions

🔌

Siemens

Scalance X201 3p Irt

All versions

🔌

Siemens

Scalance X201 3p Irt

All versions

🔌

Siemens

Scalance X202 2irt

All versions

🔌

Siemens

Scalance X202 2p Irt

All versions

🔌

Siemens

Scalance X202 2p Irt

All versions

🔌

Siemens

Scalance X204irt

All versions

🔌

Siemens

Scalance X204irt

All versions

🔌

Siemens

Scalance Xf 200

All versions

References & Advisories

🔗 http://ics-cert.us-cert.gov/advisories/ICSA-13-254-01

🔗 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf

🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-850708.pdf

🔗 http://ics-cert.us-cert.gov/advisories/ICSA-13-254-01

🔗 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf

🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-850708.pdf

Vulnerability Description

Affected Platforms (CPE)

Scalance X 200 Series Firmware

Scalance X 200 Series Firmware

Scalance X 200

Scalance X 200rna

Scalance X200 4p Irt

Scalance X201 3p Irt

Scalance X201 3p Irt

Scalance X202 2irt

Scalance X202 2p Irt

Scalance X202 2p Irt

Scalance X204irt

Scalance X204irt

Scalance Xf 200

References & Advisories

Related Vulnerabilities