VDB
ICSA-22-349-21
ICSA-22-349-21
PUBLISHED
CVSS 5.300000190734863 MEDIUM
SCALANCE X-200RNA switch devices before V3.2.7 contain multiple OpenSSL and OpenSSH vulnerabilities. The most severe of these vulnerabilities could allow a denial of service condition or could lead to execution of arbitrary code. Siemens has released updates for the affected products and recommends to update to the latest versions.
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2) | ||
| SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3) | ||
| SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3) | ||
| SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2) | ||
| SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3) |
Exploit Intelligence
- Professional cybersecurity assessment demonstrating vulnerability identification, CVSS severity scoring, MITRE ATT&CK framework application, and detailed remediation planning for OpenSSH 6.6.1p1 critical vulnerabilities (CVE-2016-0777, CVE-2015-5600) (github-poc-repo)
- Professional cybersecurity assessment demonstrating vulnerability identification, CVSS severity scoring, MITRE ATT&CK framework application, and detailed remediation planning for OpenSSH 6.6.1p1 critical vulnerabilities (CVE-2016-0777, CVE-2015-5600) (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
- A practical lab demonstrating the exploitation of a critical Remote Code Execution (RCE) vulnerability in Apache Struts2 (CVE-2017-5638) using Vulhub Docker environments. Includes setup instructions and commands to run the vulnerable container. (github-poc)
- ACharaf06/CVE-2017-5638-Attack-and-Defense (github-poc)
- CVE-2017-5638- PoC (github-poc)
- A hands-on simulation of CVE-2017-5638 (Apache Struts2 RCE), showcasing exploit reproduction, OS-level command execution, and mitigations such as input sanitization and endpoint monitoring. Built in Python/Flask with Jupyter notebook demos (github-poc)
- MuhammadAbdullah192/CVE-2017-5638-Remote-Code-Execution-Apache-Struts2-EXPLOITATION (github-poc)
- Apache Struts2 CVE-2017-5638 (Safe Educational Demo) (github-poc)
…and 122 more exploits
Timeline
- Jul 7, 2016 PoC Published
- Apr 30, 2017 PoC Published
- Oct 2, 2020 PoC Published
- Nov 6, 2020 PoC Published
- Sep 6, 2021 PoC Published
- Dec 13, 2022 CVE Published
- Oct 9, 2024 PoC Published
- Dec 12, 2024 PoC Published
- Mar 28, 2025 PoC Published
- Sep 26, 2025 PoC Published
References
- https://support.industry.siemens.com/cs/ww/en/view/109814809/ fix
- https://cert-portal.siemens.com/productcert/csaf/ssa-412672.json advisory
- https://cert-portal.siemens.com/productcert/txt/ssa-412672.txt advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf advisory
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-349-21.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-21 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url