1. EXECUTIVE SUMMARY
- CVSS v4 6.3
- ATTENTION: Exploitable remotely
- Vendor: Siemens
- Equipment: SCALANCE M-800 family (incl. S615, MUM-800 and RM1224), SCALANCE SC-600 family
- Vulnerability: Partial String Comparison
2. RISK EVALUATION
The vulnerability identified in the Siemens SCALANCE and RUGGEDCOM product lines poses a significant risk to organizations utilizing these devices. Successful exploitation could allow an attacker to obtain partial invalid usernames accepted by the server, potentially leading to unauthorized access. A remote attacker would require access to a valid certificate to execute a successful attack, which adds a layer of complexity to the exploitation process.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens has confirmed that the following products are affected by the vulnerability:
- Siemens SCALANCE SC-600 family: All versions
- Siemens RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2): All versions prior to V8.2.1
- Siemens SCALANCE M876-3 (6GK5876-3AA02-2BA2): All versions prior to V8.2.1
- Siemens SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2): All versions prior to V8.2.1
- Siemens SCALANCE M876-4 (6GK5876-4AA10-2BA2): All versions prior to V8.2.1
- Siemens SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2): All versions prior to V8.2.1
- Siemens SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2): All versions prior to V8.2.1
- Siemens SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1): All versions prior to V8.2.1
- Siemens SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1): All versions prior to V8.2.1
- Siemens SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1): All versions prior to V8.2.1
- Siemens SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1): All versions prior to V8.2.1
- Siemens SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1): All versions prior to V8.2.1
- Siemens RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2): All versions prior to V8.2.1
- Siemens SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1): All versions prior to V8.2.1
- Siemens SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1): All versions prior to V8.2.1
- Siemens SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1): All versions prior to V8.2.1
- Siemens SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1): All versions prior to V8.2.1
- Siemens SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1): All versions prior to V8.2.1
- Siemens SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2): All versions prior to V8.2.1
- Siemens SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2): All versions prior to V8.2.1
- Siemens SCALANCE M804PB (6GK5804-0AP00-2AA2): All versions prior to V8.2.1
- Siemens SCALANCE M812-1 ADSL-Router family: All versions prior to V8.2.1
- Siemens SCALANCE M816-1 ADSL-Router family: All versions prior to V8.2.1
- Siemens SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2): All versions prior to V8.2.1
- Siemens SCALANCE M874-2 (6GK5874-2AA00-2AA2): All versions prior to V8.2.1
- Siemens SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2): All versions prior to V8.2.1
- Siemens SCALANCE M874-3 (6GK5874-3AA00-2AA2): All versions prior to V8.2.1
3.2 VULNERABILITY OVERVIEW
3.2.1 PARTIAL STRING COMPARISON CWE-187
The vulnerability arises from improper validation of usernames during OpenVPN authentication, which could allow an attacker to obtain partial invalid usernames accepted by the server. This flaw is documented under CVE-2025-23384, with a CVSS v3 base score of 3.7 and a CVSS v4 base score of 6.3




