ICSA-17-332-01
·
Published 2018-05-09
·
View on CISA ICS-CERT ↗
Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)
CVSS 8.1
HIGH
Remediations
- SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox 'Enable DNS Proxy'), and configure the connected devices in the internal network to use a different DNS server
- SCALANCE W1750D: If 'OpenDNS', 'Captive Portal' or 'URL redirection' functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP
- Update to V5.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109757544
- Update to V6.5.1.5 or later version https://support.industry.siemens.com/cs/ww/en/view/109778052
Affected Vendors
Siemens
Affected Products (3)
Siemens
·
RUGGEDCOM RM1224
<V5.0
Siemens
·
SCALANCE M-800 / S615
<V5.0
Siemens
·
SCALANCE W1750D
<V6.5.1.5
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more