Attacker Value
Unknown
CVE-2020-28391
CVE-2020-28391
(Last updated February 22, 2025) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
5.9 Medium
Impact Score:
3.6
Exploitability Score:
2.2
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None
General Information
Vendors
Products
- scalance x200-4pirt firmware,
- scalance x201-3pirt firmware,
- scalance x202-2irt firmware,
- scalance x202-2pirt firmware,
- scalance x202-2pirt siplus net firmware,
- scalance x204irt firmware,
- scalance x307-3 firmware,
- scalance x307-3ld firmware,
- scalance x308-2 firmware,
- scalance x308-2ld firmware,
- scalance x308-2lh firmware,
- scalance x308-2lh+ firmware,
- scalance x308-2m firmware,
- scalance x308-2m ts firmware,
- scalance x310 firmware,
- scalance x310fe firmware,
- scalance x320-1fe firmware,
- scalance x320-3ldfe firmware,
- scalance xb205-3 firmware,
- scalance xb205-3ld firmware,
- scalance xb208 firmware,
- scalance xb213-3 firmware,
- scalance xb213-3ld firmware,
- scalance xb216 firmware,
- scalance xc206-2 firmware,
- scalance xc206-2g poe firmware,
- scalance xc206-2g poe eec firmware,
- scalance xc206-2sfp eec firmware,
- scalance xc206-2sfp firmware,
- scalance xc206-2sfp g (e/ip) firmware,
- scalance xc206-2sfp g eec firmware,
- scalance xc206-2sfp g firmware,
- scalance xc208 firmware,
- scalance xc208eec firmware,
- scalance xc208g (e/ip) firmware,
- scalance xc208g eec firmware,
- scalance xc208g firmware,
- scalance xc208g poe firmware,
- scalance xc216 firmware,
- scalance xc216-4c firmware,
- scalance xc216-4c g (e/ip) firmware,
- scalance xc216-4c g eec firmware,
- scalance xc216-4c g firmware,
- scalance xc216eec firmware,
- scalance xc224 firmware,
- scalance xc224-4c g firmware,
- scalance xc224-4c g (e/ip) firmware,
- scalance xc224-4c g eec firmware,
- scalance xf201-3p irt firmware,
- scalance xf202-2p irt firmware,
- scalance xf204 dna firmware,
- scalance xf204 firmware,
- scalance xf204-2 firmware,
- scalance xf204-2ba dna firmware,
- scalance xf204-2ba irt firmware,
- scalance xf204irt firmware,
- scalance xf206-1 firmware,
- scalance xf208 firmware,
- scalance xp208 (eip) firmware,
- scalance xp208 firmware,
- scalance xp208eec firmware,
- scalance xp208poe eec firmware,
- scalance xp216 (eip) firmware,
- scalance xp216 firmware,
- scalance xp216eec firmware,
- scalance xp216poe eec firmware
