#VU53228 Incorrect calculation in SCALANCE XM-400 and SCALANCE XR-500 - CVE-2020-28393

Cybersecurity Help s.r.o.

Published: 2021-05-13

Vulnerability identifier: #VU53228

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-28393

CWE-ID: CWE-682

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SCALANCE XM-400
Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE XR-500
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Siemens

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation issue. A remote attacker can send a specially crafted OSPF packet and cause a denial of service condition.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SCALANCE XM-400: before 6.4

SCALANCE XR-500: before 6.4

External links
https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Siemens SCALANCE XM-400 and XR-500 Devices