SSA-690517 — Vulnetix

SSA-690517 PUBLISHED CVSS 7.199999809265137 HIGH

Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.

Risk Scores

CVSS 3.1

7.199999809265137

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Siemens	SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens	SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens	SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens	SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens	SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens	SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens	SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens	SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens	SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens	SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens	SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens	SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens	SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens	SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens	SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens	SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens	SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens	SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens	SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)

Timeline

Jun 11, 2024 CVE Published
Jan 14, 2025 CVE Updated

References

Open in Interactive Console →