Vulnerability Details CVE-2020-28393
An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to v6.4).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.1
References
Products affected by CVE-2020-28393
-
cpe:2.3:h:siemens:scalance_xm-400:-
-
cpe:2.3:h:siemens:scalance_xm408-4c:-
-
cpe:2.3:h:siemens:scalance_xm408-4c_l3:-
-
cpe:2.3:h:siemens:scalance_xm408-8c:-
-
cpe:2.3:h:siemens:scalance_xm408-8c_l3:-
-
cpe:2.3:h:siemens:scalance_xm416-4c:-
-
cpe:2.3:h:siemens:scalance_xm416-4c_l3:-
-
cpe:2.3:h:siemens:scalance_xr524:-
-
cpe:2.3:h:siemens:scalance_xr526:-
-
cpe:2.3:h:siemens:scalance_xr528:-
-
cpe:2.3:h:siemens:scalance_xr552:-
-
cpe:2.3:o:siemens:scalance_xm-400_firmware:-
-
cpe:2.3:o:siemens:scalance_xm-400_firmware:6.0
-
cpe:2.3:o:siemens:scalance_xm-400_firmware:6.2.3
-
cpe:2.3:o:siemens:scalance_xm408-4c_firmware:-
-
cpe:2.3:o:siemens:scalance_xm408-4c_l3_firmware:-
-
cpe:2.3:o:siemens:scalance_xm408-8c_firmware:-
-
cpe:2.3:o:siemens:scalance_xm408-8c_l3_firmware:-
-
cpe:2.3:o:siemens:scalance_xm416-4c_firmware:-
-
cpe:2.3:o:siemens:scalance_xm416-4c_l3_firmware:-
-
cpe:2.3:o:siemens:scalance_xr524_firmware:-
-
cpe:2.3:o:siemens:scalance_xr524_firmware:6.0
-
cpe:2.3:o:siemens:scalance_xr524_firmware:6.2.3
-
cpe:2.3:o:siemens:scalance_xr526_firmware:-
-
cpe:2.3:o:siemens:scalance_xr526_firmware:6.0
-
cpe:2.3:o:siemens:scalance_xr526_firmware:6.2.3
-
cpe:2.3:o:siemens:scalance_xr528_firmware:-
-
cpe:2.3:o:siemens:scalance_xr528_firmware:6.0
-
cpe:2.3:o:siemens:scalance_xr528_firmware:6.2.3
-
cpe:2.3:o:siemens:scalance_xr552_firmware:-
-
cpe:2.3:o:siemens:scalance_xr552_firmware:6.0
-
cpe:2.3:o:siemens:scalance_xr552_firmware:6.2.3