Siemens Scalance W-7xx Series Hard-coded SSL Certificate (CVE-2013-4651)

high Tenable OT Security Plugin ID 500988


The remote OT asset is affected by a vulnerability.


Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.

This plugin only works with Tenable.ot.
Please visit for more information.


Refer to the vendor advisory.

Plugin Details

Severity: High

ID: 500988

Version: 1.4

Type: remote

Family: Tenable.ot

Published: 4/11/2023

Updated: 4/22/2024

Supported Sensors: Tenable OT Security

Risk Information


Risk Factor: Medium

Score: 5.2


CVSS v2

Risk Factor: Medium

Base Score: 6.6

Temporal Score: 4.9

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:C

CVSS Score Source: CVE-2013-4651


CVSS v3

Risk Factor: High

Base Score: 7.4

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:siemens:scalance_w744-1:-, cpe:/h:siemens:scalance_w744-1pro:-, cpe:/h:siemens:scalance_w746-1:-, cpe:/h:siemens:scalance_w746-1pro:-, cpe:/h:siemens:scalance_w747-1:-, cpe:/h:siemens:scalance_w747-1rr:-, cpe:/h:siemens:scalance_w784-1:-, cpe:/h:siemens:scalance_w784-1rr:-, cpe:/h:siemens:scalance_w786-1pro:-, cpe:/h:siemens:scalance_w786-2pro:-, cpe:/h:siemens:scalance_w786-2rr:-, cpe:/h:siemens:scalance_w786-3pro:-, cpe:/h:siemens:scalance_w788-1pro:-, cpe:/h:siemens:scalance_w788-1rr:-, cpe:/h:siemens:scalance_w788-2pro:-, cpe:/h:siemens:scalance_w788-2rr:-

Required KB Items: Tenable.ot/Siemens

Exploit Ease: No known exploits are available

Patch Publication Date: 8/1/2013

Vulnerability Publication Date: 8/1/2013

Reference Information

CVE: CVE-2013-4651

CWE: 255