← Back to home

ICSA-19-253-03 · Published 2022-05-12 · View on CISA ICS-CERT ↗

ICSA-19-253-03_Siemens Industrial Products (Update P)

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could cause denial-of-service condition.

CVEs (4)

CVE-2019-8460 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479

Remediations

The following products are discontinued as of October 1, 2019. Siemens recommends upgrading hardware to successor products from the SCALANCE SC-600 family and applying patches when available, or following the manual mitigations addressed below.SCALANCE S602: Update to v4.1 (Update is only available via Siemens Support contact)

Affected Vendors

Siemens

Affected Products (107)

Siemens · SIMATIC ITC2200 PRO < 3.1.1.0

Siemens · SIMATIC RF188C < 1.3

Siemens · SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB- 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant) < 2.8.4

Siemens · SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) < 4.0

Siemens · SIMATIC CP 442-1 RNA (6GK7442-1RX00-0XE0) < 1.5.18

Siemens · SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) < 6.2

Siemens · SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) < 4.0

Siemens · SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) < 4.0

Siemens · SCALANCE M876-3 (6GK5876-3AA02-2BA2) < 6.2

Siemens · SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) < 4.0

Siemens · SIMATIC ITC1900 < 3.1.1.0

Siemens · SCALANCE M804PB (6GK5804-0AP00-2AA2) < 6.2

Siemens · SCALANCE SC646-2C (6GK5646-2GS00-2AC2) < 2.0.1

Siemens · SIMATIC RF186C < 1.3

Siemens · SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) < 3.2

Siemens · SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) < 4.0

Siemens · SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) < 2.8.4

Siemens · RUGGEDCOM RM1224 (6GK6108-4AM00) < 6.2

Siemens · TIM 3V-IE DNP3 (incl. SIPLUS NET variants) vers:all/*

Siemens · TIM 4R-IE (incl. SIPLUS NET variants) vers:all/*

Siemens · SCALANCE SC622-2C (6GK5622-2GS00-2AC2) < 2.0.1

Siemens · SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) < 6.2

Siemens · SCALANCE S623 < 4.1

Siemens · SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) < 4.0

Siemens · SIMATIC CP 443-1 RNA (6GK7443-1RX00-0XE0) < 1.5.18

Siemens · SCALANCE W1750D < 8.6.0

Siemens · SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) < 2.1

Siemens · SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) < 6.2

Siemens · ROX II < 2.13.3

Siemens · SCALANCE S612 < 4.1

Siemens · SCALANCE M875 vers:all/*

Siemens · SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) < 4.0

Siemens · SINUMERIK 808D < 4.92

Siemens · SIMATIC MV540 H (6GF3540-0GE10) < 2.1

Siemens · SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) < 4.0

Siemens · SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) < 4.0

Siemens · RUGGEDCOM RX 1400 VPE Linux CloudConnect < 9 Linux Image 2019-12-13 | 13 (only affected by CVE-2019-11479)

Siemens · SIMATIC ITC2200 < 3.1.1.0

Siemens · SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) vers:all/*

Siemens · SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) < 2.1

Siemens · SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) < 4.0

Siemens · CloudConnect 712 < 1.1.5

Siemens · TIM 3V-IE (incl. SIPLUS NET variants) vers:all/*

Siemens · SIMATIC RF186CI < 1.3

Siemens · TIM 1531 IRC (incl. SIPLUS NET variants) < 2.1

Siemens · SIMATIC MV540 S (6GF3540-0CD10) < 2.1

Siemens · SIMATIC CP 1242-7C < 3.2

Siemens · SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) < 6.2

Siemens · SCALANCE SC632-2C (6GK5632-2GS00-2AC2) < 2.0.1

Siemens · SIMATIC CP 443-1 (incl. SIPLUS variants) vers:all/*

Siemens · SIMATIC CP 1628 (6GK1162-8AA00) < 17.0

Siemens · SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) < 3.2

Siemens · TIM 4R-IE DNP3 (incl. SIPLUS NET variants) vers:all/*

Siemens · SIMATIC ITC1900 PRO < 3.1.1.0

Siemens · SIMATIC ITC1500 PRO < 3.1.1.0

Siemens · SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) < 3.2

Siemens · SIMATIC ITC1500 < 3.1.1.0

Siemens · SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) < 2.1

Siemens · SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) < 4.0

Siemens · SIMATIC CM 1542-1 < 3.0

Siemens · SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) < 3.2

Siemens · SIMATIC MV560 X (6GF3560-0HE10) < 2.1

Siemens · SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) < 6.2

Siemens · SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) < 3.2

Siemens · SIMATIC MV550 S (6GF3550-0CD10) < 2.1

Siemens · SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) < 2.2

Siemens · SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) < 4.0

Siemens · SIMATIC Teleservice Adapter IE Advanced vers:all/*

Siemens · SCALANCE S602 < 4.1

Siemens · SIMATIC CP 443-1 OPC UA (6GK7443-1UX00-0XE0) vers:all/*

Siemens · SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) vers:all/*

Siemens · SIMATIC RF188CI < 1.3

Siemens · SCALANCE S627-2M < 4.1

Siemens · SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) < 6.2

Siemens · SCALANCE WLC711 vers:all/*

Siemens · TIM 3V-IE Advanced (incl. SIPLUS NET variants) vers:all/*

Siemens · SIMATIC MV560 U (6GF3560-0LE10) < 2.1

Siemens · SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) < 4.0

Siemens · SINEMA Remote Connect Server < 2.1

Siemens · SCALANCE WLC712 vers:all/*

Siemens · RUGGEDCOM RX 1400 VPE Debian Linux < 9 Linux Image 2019-12-13

Siemens · SCALANCE M874-3 (6GK5874-3AA00-2AA2) < 6.2

Siemens · SIMATIC Teleservice Adapter IE Basic vers:all/*

Siemens · SCALANCE SC642-2C (6GK5642-2GS00-2AC2) < 2.0.1

Siemens · SCALANCE S615 (6GK5615-0AA00-2AA2) < 6.2

Siemens · SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) < 4.0

Siemens · SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) < 6.2

Siemens · SCALANCE SC636-2C (6GK5636-2GS00-2AC2) < 2.0.1

Siemens · SIMATIC CP 1623 (6GK1162-3AA00) < 14.00.15.00_51.25.00.01

Siemens · SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) < 2.1

Siemens · SINUMERIK 828D < 4.8 | SP5

Siemens · SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) < 2.1

Siemens · RUGGEDCOM APE 1404 Linux < 9 Linux Image 2019-12-13

Siemens · SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) < 2.1

Siemens · SINUMERIK 840D sl < 4.8 SP5

Siemens · SIMATIC MV550 H (6GF3550-0GE10) < 2.1

Siemens · SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) < 2.2

Siemens · SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) < 4.0

Siemens · SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) < 4.0

Siemens · SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) < 6.2

Siemens · SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) < 3.2

Siemens · SIMATIC RF185C < 1.3

Siemens · SCALANCE M874-2 (6GK5874-2AA00-2AA2) < 6.2

Siemens · SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) < 4.0

Siemens · SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) < 4.0

Siemens · SCALANCE W-700 IEEE 802.11n family < 6.4

Siemens · SCALANCE W-1700 IEEE 802.11ac family < 2.0

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more