March 10, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs
November 16, 2023Rewterz Threat Advisory – Multiple Zoom Products Vulnerabilities
November 16, 2023Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs
November 16, 2023Rewterz Threat Advisory – Multiple Zoom Products Vulnerabilities
November 16, 2023
Severity
Medium
Analysis Summary
CVE-2023-44374 CVSS:6.5
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in password change. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-44373 CVSS:9.1
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation. By sending a specially crafted request, an attacker could exploit this vulnerability to inject code or spawn a system root shell.
CVE-2023-44322 CVSS:3.7
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family is vulnerable to a denial of service, caused by unchecked return value flaw. A remote attacker could exploit this vulnerability to disable notification of users when certain events occur.
CVE-2023-44321 CVSS:2.7
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family is vulnerable to a denial of service, caused by failing to validate the length of inputs when performing certain configuration changes in the web interface. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-44320 CVSS:4.3
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family could provide weaker than expected security, caused by failing to validate the authentication when performing certain modifications in the web interface. A remote authenticated attacker could exploit this vulnerability to influence the user interface configured.
CVE-2023-44319 CVSS:4.9
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family could provide weaker than expected security, caused by using a weak checksum algorithm to protect the configuration backup. A remote authenticated attacker could exploit this vulnerability to tricks a legitimate administrator to upload a modified configuration file to change the configuration.
CVE-2023-44318 CVSS:4.9
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family could allow a remote authenticated attacker to obtain sensitive information, caused by usinf a hardcoded key to obfuscate the configuration backup. A remote authenticated attacker could exploit this vulnerability to obtains a configuration backup to extract configuration information from the exported file.
CVE-2023-44317 CVSS:7.2
Siemens SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family could allow a remote authenticated attacker to execute arbitrary code on the system, caused by failing to validate the content of uploaded X509 certificates. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Denial of Service
- Code Execution
- Unauthorized Access
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-44374
- CVE-2023-44373
- CVE-2023-44322
- CVE-2023-44321
- CVE-2023-44320
- CVE-2023-44319
- CVE-2023-44318
- CVE-2023-44317
Affected Vendors
Siemens
Affected Products
- Siemens SCALANCE XF-200BA
- Siemens SCALANCE XB-200
- Siemens SCALANCE XC-200
- Siemens SCALANCE XP-200
- Siemens SCALANCE XR-300WG
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.