CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2013-5709

HIGH
8.3
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile27.77th
Published2013年9月17日
Last Modified2026年4月29日

Vulnerability Description

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value.

Affected Platforms (CPE)

💻
Siemens

Scalance X 200 Series Firmware

<= 4.4
💻
Siemens

Scalance X 200 Series Firmware

= 4.3
🔌
Siemens

Scalance X 200

All versions
🔌
Siemens

Scalance X 200rna

All versions
🔌
Siemens

Scalance X200 4p Irt

All versions
🔌
Siemens

Scalance X201 3p Irt

All versions
🔌
Siemens

Scalance X201 3p Irt

All versions
🔌
Siemens

Scalance X202 2irt

All versions
🔌
Siemens

Scalance X202 2p Irt

All versions
🔌
Siemens

Scalance X202 2p Irt

All versions
🔌
Siemens

Scalance X204irt

All versions
🔌
Siemens

Scalance X204irt

All versions
🔌
Siemens

Scalance Xf 200

All versions

References & Advisories

🔗 http://ics-cert.us-cert.gov/advisories/ICSA-13-254-01
🔗 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf
🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-850708.pdf
🔗 http://ics-cert.us-cert.gov/advisories/ICSA-13-254-01
🔗 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-850708.pdf
🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-850708.pdf

相關漏洞威脅

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...