CVE-2020-28400

Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.

Published: Jul 13, 2021
Updated: May 4, 2025
CVE: CVE-2020-28400
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-770

Affected Software
References

Software	From	Fixed in
siemens / dk_standard_ethernet_controller_evaluation_kit_firmware	-	-
siemens / ek-ertec_200_evaulation_kit_firmware	-	-
siemens / ek-ertec_200p_evaluation_kit_firmware	-	4.7
siemens / ruggedcom_rm1224_firmware	-	6.4
siemens / scalance_m-800_firmware	-	6.4
siemens / scalance_s615_firmware	-	6.4
siemens / scalance_w700_firmware	-	-
siemens / scalance_w1700_firmware	-	-
siemens / scalance_x200-4_p_irt_firmware	-	5.5.0
siemens / scalance_x201-3p_irt_firmware	-	5.5.0
siemens / scalance_x201-3p_irt_pro_firmware	-	5.5.0
siemens / scalance_x202-2_irt_firmware	-	5.5.0
siemens / scalance_x202-2p_irt_pro_firmware	-	5.5.0
siemens / scalance_x204_irt_firmware	-	5.5.0
siemens / scalance_x204_irt_pro_firmware	-	5.5.0
siemens / scalance_x204-2_firmware	-	5.2.5
siemens / scalance_x204-2fm_firmware	-	5.2.5
siemens / scalance_x204-2ld_firmware	-	5.2.5
siemens / scalance_x204-2ld_ts_firmware	-	5.2.5
siemens / scalance_x204-2ts_firmware	-	5.2.5
siemens / scalance_x206-1_firmware	-	5.2.5
siemens / scalance_x206-1ld_firmware	-	5.2.5
siemens / scalance_x208_firmware	-	5.2.5
siemens / scalance_x208pro_firmware	-	5.2.5
siemens / scalance_x212-2_firmware	-	5.2.5
siemens / scalance_x212-2ld_firmware	-	5.2.5
siemens / scalance_x216_firmware	-	5.2.5
siemens / scalance_x224_firmware	-	5.2.5
siemens / scalance_x302-7eec_firmware	-	-
siemens / scalance_x304-2fe_firmware	-	-
siemens / scalance_x306-1ldfe_firmware	-	-
siemens / scalance_x307-2eec_firmware	-	-
siemens / scalance_x307-3_firmware	-	-
siemens / scalance_x307-3ld_firmware	-	-
siemens / scalance_x308-2_firmware	-	-
siemens / scalance_x308-2ld_firmware	-	-
siemens / scalance_x308-2lh_firmware	-	-
siemens / scalance_x308-2lh+_firmware	-	-
siemens / scalance_x308-2m_firmware	-	-
siemens / scalance_x308-2m_poe_firmware	-	-
siemens / scalance_x308-2m_ts_firmware	-	-
siemens / scalance_x310_firmware	-	-
siemens / scalance_x310fe_firmware	-	-
siemens / scalance_x320-1fe_firmware	-	-
siemens / scalance_x320-3ldfe_firmware	-	-
siemens / scalance_xb-200_firmware	-	4.3
siemens / scalance_xc-200_firmware	-	4.3
siemens / scalance_xf201-3p_irt_firmware	-	5.5.0
siemens / scalance_xf202-2p_irt_firmware	-	5.5.0
siemens / scalance_xf204_firmware	-	5.2.5
siemens / scalance_xf204_irt_firmware	-	5.5.0
siemens / scalance_xf204-2_firmware	-	5.2.5
siemens / scalance_xf204-2ba_irt_firmware	-	5.5.0
siemens / scalance_xf206-1_firmware	-	5.2.5
siemens / scalance_xf208_firmware	-	5.2.5
siemens / scalance_xf-200ba_firmware	-	4.3
siemens / scalance_xm400_firmware	-	6.3.1
siemens / scalance_xp-200_firmware	-	4.3
siemens / scalance_xr324-4m_eec_firmware	-	-
siemens / scalance_xr324-4m_poe_firmware	-	-
siemens / scalance_xr324-4m_poe_ts_firmware	-	-
siemens / scalance_xr324-12m_firmware	-	-
siemens / scalance_xr324-12m_ts_firmware	-	-
siemens / scalance_xr500_firmware	-	6.3.1
siemens / scalance_xr-300wg_firmware	-	4.3
siemens / simatic_cfu_pa_firmware	-	-
siemens / simatic_ie/pb-link_v3_firmware	-	-
siemens / simatic_mv500_firmware	-	3.0
siemens / simatic_net_cm_1542-1_firmware	-	-
siemens / simatic_net_cp1616_firmware	-	2.7.x
siemens / simatic_net_cp1604_firmware	-	2.7.x
siemens / simatic_net_cp1626_firmware	-	-
siemens / simatic_net_dk-16xx_pn_io	-	2.7.x
siemens / simatic_power_line_booster_plb_firmware	-	-
siemens / simatic_profinet_driver_firmware	-	2.3
siemens / simatic_s7-1200_firmware	-	4.5
siemens / simocode_prov_ethernet/ip_firmware	-	1.1.3
siemens / simocode_prov_profinet_firmware	-	2.1.3
siemens / softnet-ie_pnio_firmware	-	-

Vulnerability Database

289,599

CVE-2020-28400