Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.
The product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Scalance_xb208_(e/ip)_firmware | Siemens | - (including) | - (including) |