Skip to main content

Scalance X308 2M Firmware

10 CVEs product

Monthly

CVE-2022-26380 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Siemens Buffer Overflow Information Disclosure Scalance X302 7Eec Firmware Scalance X304 2Fe Firmware +21
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-26335 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Siemens Buffer Overflow Scalance X302 7Eec Firmware Scalance X304 2Fe Firmware Scalance X306 1Ldfe Firmware +20
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-26334 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Siemens Buffer Overflow Scalance X302 7Eec Firmware Scalance X304 2Fe Firmware Scalance X306 1Ldfe Firmware +20
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-25756 MEDIUM PATCH This Month

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Siemens XSS Scalance X302 7Eec Firmware Scalance X304 2Fe Firmware Scalance X306 1Ldfe Firmware +20
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-25755 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Siemens Scalance X302 7Eec Firmware Scalance X304 2Fe Firmware Scalance X306 1Ldfe Firmware +20
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-25754 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

Siemens CSRF Scalance X302 7Eec Firmware Scalance X304 2Fe Firmware Scalance X306 1Ldfe Firmware +20
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-25753 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Siemens Stack Overflow Buffer Overflow Scalance X302 7Eec Firmware +22
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-25752 CRITICAL PATCH Act Now

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Siemens Information Disclosure Scalance X302 7Eec Firmware Scalance X304 2Fe Firmware Scalance X306 1Ldfe Firmware +20
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-25751 HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Siemens Scalance X302 7Eec Firmware Scalance X304 2Fe Firmware Scalance X306 1Ldfe Firmware +20
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2012-1802 HIGH This Week

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service RCE Scalance X414 3E Firmware +9
NVD
CVSS 2.0
7.8
EPSS
2.7%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Siemens Buffer Overflow Information Disclosure +23
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Siemens Buffer Overflow Scalance X302 7Eec Firmware +22
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Siemens Buffer Overflow Scalance X302 7Eec Firmware +22
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Siemens XSS Scalance X302 7Eec Firmware +22
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Siemens Scalance X302 7Eec Firmware +22
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

Siemens CSRF Scalance X302 7Eec Firmware +22
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Siemens Stack Overflow +24
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Siemens Information Disclosure Scalance X302 7Eec Firmware +22
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Siemens Scalance X302 7Eec Firmware +22
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service +11
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy