CVE-2022-36324

Description

Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.

CVSS breakdown

Affected products

• Siemens / RUGGEDCOM RM1224 LTE(4G) EU0 – V7.1.2
• Siemens / RUGGEDCOM RM1224 LTE(4G) NAM0 – V7.1.2
• Siemens / SCALANCE M804PB0 – V7.1.2
• Siemens / SCALANCE M812-1 ADSL-Router0 – V7.1.2
• Siemens / SCALANCE M816-1 ADSL-Router0 – V7.1.2
• Siemens / SCALANCE M826-2 SHDSL-Router0 – V7.1.2
• Siemens / SCALANCE M874-20 – V7.1.2
• Siemens / SCALANCE M874-30 – V7.1.2
• Siemens / SCALANCE M876-30 – V7.1.2
• Siemens / SCALANCE M876-3 (ROK)0 – V7.1.2
• Siemens / SCALANCE M876-4 (EU)0 – V7.1.2
• Siemens / SCALANCE M876-4 (NAM)0 – V7.1.2
• Siemens / SCALANCE MUM853-1 (EU)0 – V7.1.2
• Siemens / SCALANCE MUM856-1 (EU)0 – V7.1.2
• Siemens / SCALANCE MUM856-1 (RoW)0 – V7.1.2
• Siemens / SCALANCE S615 LAN-Router0 – V7.1.2
• Siemens / SCALANCE SC622-2C0 – V2.3.1
• Siemens / SCALANCE SC626-2C0 – V2.3.1
• Siemens / SCALANCE SC632-2C0 – V2.3.1
• Siemens / SCALANCE SC636-2C0 – V2.3.1
• Siemens / SCALANCE SC642-2C0 – V2.3.1
• Siemens / SCALANCE SC646-2C0 – V2.3.1
• Siemens / SCALANCE W1748-1 M120 – *
• Siemens / SCALANCE W1788-1 M120 – *
• Siemens / SCALANCE W1788-2 EEC M120 – *
• Siemens / SCALANCE W1788-2IA M120 – *
• Siemens / SCALANCE W1788-2 M120 – *
• Siemens / SCALANCE W721-1 RJ450 – V6.6.0
• Siemens / SCALANCE W722-1 RJ450 – V6.6.0
• Siemens / SCALANCE W734-1 RJ450 – V6.6.0
• Siemens / SCALANCE W734-1 RJ45 (USA)0 – V6.6.0
• Siemens / SCALANCE W738-1 M120 – V6.6.0
• Siemens / SCALANCE W748-1 M120 – V6.6.0
• Siemens / SCALANCE W748-1 RJ450 – V6.6.0
• Siemens / SCALANCE W761-1 RJ450 – V6.6.0
• Siemens / SCALANCE W774-1 M12 EEC0 – V6.6.0
• Siemens / SCALANCE W774-1 RJ450 – V6.6.0
• Siemens / SCALANCE W774-1 RJ45 (USA)0 – V6.6.0
• Siemens / SCALANCE W778-1 M120 – V6.6.0
• Siemens / SCALANCE W778-1 M12 EEC0 – V6.6.0
• Siemens / SCALANCE W778-1 M12 EEC (USA)0 – V6.6.0
• Siemens / SCALANCE W786-1 RJ450 – V6.6.0
• Siemens / SCALANCE W786-2IA RJ450 – V6.6.0
• Siemens / SCALANCE W786-2 RJ450 – V6.6.0
• Siemens / SCALANCE W786-2 SFP0 – V6.6.0
• Siemens / SCALANCE W788-1 M120 – V6.6.0
• Siemens / SCALANCE W788-1 RJ450 – V6.6.0
• Siemens / SCALANCE W788-2 M120 – V6.6.0
• Siemens / SCALANCE W788-2 M12 EEC0 – V6.6.0
• Siemens / SCALANCE W788-2 RJ450 – V6.6.0
• Siemens / SCALANCE WAM763-10 – V2.0.0
• Siemens / SCALANCE WAM766-10 – V2.0.0
• Siemens / SCALANCE WAM766-1 EEC0 – V2.0.0
• Siemens / SCALANCE WAM766-1 EEC (US)0 – V2.0.0
• Siemens / SCALANCE WAM766-1 (US)0 – V2.0.0
• Siemens / SCALANCE WUM763-10 – V2.0.0
• Siemens / SCALANCE WUM766-10 – V2.0.0
• Siemens / SCALANCE WUM766-1 (USA)0 – V2.0.0
• Siemens / SCALANCE XB205-3LD (SC, E/IP)0 – V4.4
• Siemens / SCALANCE XB205-3LD (SC, PN)0 – V4.4
• Siemens / SCALANCE XB205-3 (SC, PN)0 – V4.4
• Siemens / SCALANCE XB205-3 (ST, E/IP)0 – V4.4
• Siemens / SCALANCE XB205-3 (ST, PN)0 – V4.4
• Siemens / SCALANCE XB208 (E/IP)0 – V4.4
• Siemens / SCALANCE XB208 (PN)0 – V4.4
• Siemens / SCALANCE XB213-3LD (SC, E/IP)0 – V4.4
• Siemens / SCALANCE XB213-3LD (SC, PN)0 – V4.4
• Siemens / SCALANCE XB213-3 (SC, E/IP)0 – V4.4
• Siemens / SCALANCE XB213-3 (SC, PN)0 – V4.4
• Siemens / SCALANCE XB213-3 (ST, E/IP)0 – V4.4
• Siemens / SCALANCE XB213-3 (ST, PN)0 – V4.4
• Siemens / SCALANCE XB216 (E/IP)0 – V4.4
• Siemens / SCALANCE XB216 (PN)0 – V4.4
• Siemens / SCALANCE XC206-2G PoE0 – V4.4
• Siemens / SCALANCE XC206-2G PoE (54 V DC)0 – V4.4
• Siemens / SCALANCE XC206-2G PoE EEC (54 V DC)0 – V4.4
• Siemens / SCALANCE XC206-2 (SC)0 – V4.4
• Siemens / SCALANCE XC206-2SFP0 – V4.4
• Siemens / SCALANCE XC206-2SFP EEC0 – V4.4
• Siemens / SCALANCE XC206-2SFP G0 – V4.4
• Siemens / SCALANCE XC206-2SFP G EEC0 – V4.4
• Siemens / SCALANCE XC206-2SFP G (EIP DEF.)0 – V4.4
• Siemens / SCALANCE XC206-2 (ST/BFOC)0 – V4.4
• Siemens / SCALANCE XC2080 – V4.4
• Siemens / SCALANCE XC208EEC0 – V4.4
• Siemens / SCALANCE XC208G0 – V4.4
• Siemens / SCALANCE XC208G EEC0 – V4.4
• Siemens / SCALANCE XC208G (EIP def.)0 – V4.4
• Siemens / SCALANCE XC208G PoE0 – V4.4
• Siemens / SCALANCE XC208G PoE (54 V DC)0 – V4.4
• Siemens / SCALANCE XC2160 – V4.4
• Siemens / SCALANCE XC216-3G PoE0 – V4.4
• Siemens / SCALANCE XC216-3G PoE (54 V DC)0 – V4.4
• Siemens / SCALANCE XC216-4C0 – V4.4
• Siemens / SCALANCE XC216-4C G0 – V4.4
• Siemens / SCALANCE XC216-4C G EEC0 – V4.4
• Siemens / SCALANCE XC216-4C G (EIP Def.)0 – V4.4
• Siemens / SCALANCE XC216EEC0 – V4.4
• Siemens / SCALANCE XC2240 – V4.4
• Siemens / SCALANCE XC224-4C G0 – V4.4
• Siemens / SCALANCE XC224-4C G EEC0 – V4.4
• Siemens / SCALANCE XC224-4C G (EIP Def.)0 – V4.4
• Siemens / SCALANCE XF2040 – V4.4
• Siemens / SCALANCE XF204-2BA0 – V4.4
• Siemens / SCALANCE XF204-2BA DNA0 – V4.4
• Siemens / SCALANCE XF204 DNA0 – V4.4
• Siemens / SCALANCE XM408-4C0 – V6.6
• Siemens / SCALANCE XM408-4C (L3 int.)0 – V6.6
• Siemens / SCALANCE XM408-8C0 – V6.6
• Siemens / SCALANCE XM408-8C (L3 int.)0 – V6.6
• Siemens / SCALANCE XM416-4C0 – V6.6
• Siemens / SCALANCE XM416-4C (L3 int.)0 – V6.6
• Siemens / SCALANCE XP2080 – V4.4
• Siemens / SCALANCE XP208EEC0 – V4.4
• Siemens / SCALANCE XP208 (Ethernet/IP)0 – V4.4
• Siemens / SCALANCE XP208PoE EEC0 – V4.4
• Siemens / SCALANCE XP2160 – V4.4
• Siemens / SCALANCE XP216EEC0 – V4.4
• Siemens / SCALANCE XP216 (Ethernet/IP)0 – V4.4
• Siemens / SCALANCE XP216POE EEC0 – V4.4
• Siemens / SCALANCE XR324WG (24 x FE, AC 230V)0 – V4.4
• Siemens / SCALANCE XR324WG (24 X FE, DC 24V)0 – V4.4
• Siemens / SCALANCE XR326-2C PoE WG0 – V4.4
• Siemens / SCALANCE XR326-2C PoE WG (without UL)0 – V4.4
• Siemens / SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)0 – V4.4
• Siemens / SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)0 – V4.4
• Siemens / SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)0 – V4.4
• Siemens / SCALANCE XR328-4C WG (28xGE, AC 230V)0 – V4.4
• Siemens / SCALANCE XR328-4C WG (28xGE, DC 24V)0 – V4.4
• Siemens / SCALANCE XR524-8C, 1x230V0 – V6.6
• Siemens / SCALANCE XR524-8C, 1x230V (L3 int.)0 – V6.6
• Siemens / SCALANCE XR524-8C, 24V0 – V6.6
• Siemens / SCALANCE XR524-8C, 24V (L3 int.)0 – V6.6
• Siemens / SCALANCE XR524-8C, 2x230V0 – V6.6
• Siemens / SCALANCE XR524-8C, 2x230V (L3 int.)0 – V6.6
• Siemens / SCALANCE XR526-8C, 1x230V0 – V6.6
• Siemens / SCALANCE XR526-8C, 1x230V (L3 int.)0 – V6.6
• Siemens / SCALANCE XR526-8C, 24V0 – V6.6
• Siemens / SCALANCE XR526-8C, 24V (L3 int.)0 – V6.6
• Siemens / SCALANCE XR526-8C, 2x230V0 – V6.6
• Siemens / SCALANCE XR526-8C, 2x230V (L3 int.)0 – V6.6
• Siemens / SCALANCE XR528-6M0 – V6.6
• Siemens / SCALANCE XR528-6M (2HR2)0 – V6.6
• Siemens / SCALANCE XR528-6M (2HR2, L3 int.)0 – V6.6
• Siemens / SCALANCE XR528-6M (L3 int.)0 – V6.6
• Siemens / SCALANCE XR552-12M0 – V6.6
• Siemens / SCALANCE XR552-12M (2HR2)0 – V6.6
• Siemens / SCALANCE XR552-12M (2HR2, L3 int.)0 – V6.6
• Siemens / SIPLUS NET SCALANCE XC206-20 – V4.4
• Siemens / SIPLUS NET SCALANCE XC206-2SFP0 – V4.4
• Siemens / SIPLUS NET SCALANCE XC2080 – V4.4
• Siemens / SIPLUS NET SCALANCE XC216-4C0 – V4.4

References

• MISChttps://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf
• MISChttps://cert-portal.siemens.com/productcert/html/ssa-710008.html
• MISChttps://cert-portal.siemens.com/productcert/html/ssa-019200.html