CVE-2020-28391

Name: CVE-2020-28391
Creator: NVD / NIST
Published: 2021-01-12T21:15:18.12+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.9/10EPSS 1.12%

Last modified Jun 17, 2026

CVE-2020-28391 is a medium-severity vulnerability rated 5.9/10 on the CVSS scale. A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. EPSS estimates a 1.12% chance of exploitation in the next 30 days.

Description

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.

Metrics

CVSS 3.1

5.9/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

1.12%

62.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Siemens	Scalance X200-4pirt Firmware	< 5.5.0
Siemens	Scalance X201-3pirt Firmware	< 5.5.0
Siemens	Scalance X202-2irt Firmware	< 5.5.0
Siemens	Scalance X202-2pirt Firmware	< 5.5.0
Siemens	Scalance X202-2pirt Siplus Net Firmware	< 5.5.0
Siemens	Scalance X204irt Firmware	< 5.5.0
Siemens	Scalance X307-3 Firmware	All versions
Siemens	Scalance X307-3ld Firmware	All versions
Siemens	Scalance X308-2 Firmware	All versions
Siemens	Scalance X308-2ld Firmware	All versions
Siemens	Scalance X308-2lh Firmware	All versions
Siemens	Scalance X308-2lh\+ Firmware	All versions
Siemens	Scalance X308-2m Firmware	All versions
Siemens	Scalance X308-2m Ts Firmware	All versions
Siemens	Scalance X310 Firmware	All versions
Siemens	Scalance X310fe Firmware	All versions
Siemens	Scalance X320-1fe Firmware	All versions
Siemens	Scalance X320-3ldfe Firmware	All versions
Siemens	Scalance Xb205-3 Firmware	< 5.2.5
Siemens	Scalance Xb205-3ld Firmware	< 5.2.5
Siemens	Scalance Xb208 Firmware	< 5.2.5
Siemens	Scalance Xb213-3 Firmware	< 5.2.5
Siemens	Scalance Xb213-3ld Firmware	< 5.2.5
Siemens	Scalance Xb216 Firmware	< 5.2.5
Siemens	Scalance Xc206-2 Firmware	< 5.2.5
Siemens	Scalance Xc206-2g Poe Firmware	< 5.2.5
Siemens	Scalance Xc206-2g Poe Eec Firmware	< 5.2.5
Siemens	Scalance Xc206-2sfp Firmware	< 5.2.5
Siemens	Scalance Xc206-2sfp Eec Firmware	< 5.2.5
Siemens	Scalance Xc206-2sfp G Firmware	< 5.2.5
Siemens	Scalance Xc206-2sfp G \(E\/Ip\) Firmware	< 5.2.5
Siemens	Scalance Xc206-2sfp G Eec Firmware	< 5.2.5
Siemens	Scalance Xc208 Firmware	< 5.2.5
Siemens	Scalance Xc208eec Firmware	< 5.2.5
Siemens	Scalance Xc208g Firmware	< 5.2.5
Siemens	Scalance Xc208g \(E\/Ip\) Firmware	< 5.2.5
Siemens	Scalance Xc208g Eec Firmware	< 5.2.5
Siemens	Scalance Xc208g Poe Firmware	< 5.2.5
Siemens	Scalance Xc216 Firmware	< 5.2.5
Siemens	Scalance Xc216-4c Firmware	< 5.2.5
Siemens	Scalance Xc216-4c G Firmware	< 5.2.5
Siemens	Scalance Xc216-4c G \(E\/Ip\) Firmware	< 5.2.5
Siemens	Scalance Xc216-4c G Eec Firmware	< 5.2.5
Siemens	Scalance Xc216eec Firmware	< 5.2.5
Siemens	Scalance Xc224-4c G Firmware	< 5.2.5
Siemens	Scalance Xc224-4c G \(E\/Ip\) Firmware	< 5.2.5
Siemens	Scalance Xc224-4c G Eec Firmware	< 5.2.5
Siemens	Scalance Xc224 Firmware	< 5.2.5
Siemens	Scalance Xf201-3p Irt Firmware	< 5.2.5
Siemens	Scalance Xf202-2p Irt Firmware	< 5.2.5

Showing 50 of 66 affected configurations. See NVD for the full list.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdfVendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02Third Party Advisory, US Government Resource, Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdfVendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02Third Party Advisory, US Government Resource, Vendor Advisory

Timeline

Published: Jan 12, 2021
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-28391?

How severe is CVE-2020-28391?

CVE-2020-28391 has a CVSS score of 5.9/10 (MEDIUM severity). The EPSS model estimates a 1.12% probability of exploitation in the next 30 days.

How do I fix CVE-2020-28391?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-28391?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST