ICSA-18-165-01
·
Published 2020-12-08
·
View on CISA ICS-CERT ↗
Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update D)
CVSS 7.5
HIGH
CVEs (1)
Remediations
- Use static IP addresses instead of DHCP
- Apply cell protection concept: https://www.siemens.com/cert/operational-guidelines-industrial-security
- Apply Defense-in-Depth: https://www.siemens.com/cert/operational-guidelines-industrial-security
- For SIMATIC RF182C and RFID 181EIP: migrate to a successor product within the SIMATIC RF18xC/CI family, V1.3 or later version. For details refer to the phase-out announcement.
- Update to V5.2 https://support.industry.siemens.com/cs/ww/en/view/109762466
- Update to V5.2.3 https://support.industry.siemens.com/cs/ww/en/view/109758142
- Update to V5.4.1 https://support.industry.siemens.com/cs/ww/en/view/109758144
- Update to V3.2.6 https://support.industry.siemens.com/cs/ww/en/view/109767359
- Update to V4.1.3 https://support.industry.siemens.com/cs/document/109773547
Affected Vendors
Siemens
Affected Products (9)
Siemens
·
RFID 181EIP
vers:all/*
Siemens
·
RUGGEDCOM Win
V4.4|V4.5|V5.0|V5.1
Siemens
·
SCALANCE X-200 switch family (incl.'SIPLUS NET variants)
<V5.2.3
Siemens
·
SCALANCE X-200IRT switch family (incl.'SIPLUS NET variants)
<V5.4.1
Siemens
·
SCALANCE X-200RNA switch family
<V3.2.6
Siemens
·
SCALANCE X-300 switch family (incl.'SIPLUS NET variants)
<V4.1.3
Siemens
·
SCALANCE X408
<V4.1.3
Siemens
·
SCALANCE X414
vers:all/*
Siemens
·
SIMATIC RF182C
vers:all/*
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more