Siemens SCALANCE X-200 Authentication Bypass

Critical Nessus Plugin ID 70530


The remote device is affected by an authentication bypass vulnerability.


According to the self-reported version of the remote SCALANCE device, it is affected by an unspecified vulnerability that could allow an attacker to execute administrative functions on the device without authentication.


For non-IRT devices, upgrade to firmware version 4.5.0 or later. For IRT devices, upgrade to firmware version 5.1.0 or later.

See Also

Plugin Details

Severity: Critical

ID: 70530

File Name: scada_siemens_scalance_x200_auth_bypass.nbin

Version: $Revision: 1.21 $

Type: remote

Family: SCADA

Published: 2013/10/21

Modified: 2018/01/29

Dependencies: 10800

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:scalance_x-200_series_firmware

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/09/04

Vulnerability Publication Date: 2013/10/01

Reference Information

CVE: CVE-2013-5944

BID: 62762

OSVDB: 97965

ICSA: 13-274-01