← Back to home
ICSA-20-042-05  ·  Published 2023-01-10  ·  View on CISA ICS-CERT ↗

Siemens SIMATIC S7 (Update B)

CVSS 5.3 MEDIUM

CVEs (1)

Remediations

  • Restrict access to the device to the internal or VPN network and to trusted IP addresses only
  • Disable the web server. Note that this feature is disabled by default
  • Restrict access to the web server (80/tcp, 443/tcp) to trusted IP addresses
  • Currently no fix is planned
  • Update to V4.1 or later version
  • Update to V3.X.17 or later version

Affected Vendors

Siemens

Affected Products (27)

Siemens · SIMATIC ET 200pro IM154-8 PN/DP CPU (6ES7154-8AB01-0AB0) <V3.X.17
Siemens · SIMATIC ET 200pro IM154-8F PN/DP CPU (6ES7154-8FB01-0AB0) <V3.X.17
Siemens · SIMATIC ET 200pro IM154-8FX PN/DP CPU (6ES7154-8FX00-0AB0) <V3.X.17
Siemens · SIMATIC ET 200S IM151-8 PN/DP CPU (6ES7151-8AB01-0AB0) <V3.X.17
Siemens · SIMATIC ET 200S IM151-8F PN/DP CPU (6ES7151-8FB01-0AB0) <V3.X.17
Siemens · SIMATIC S7-1200 CPU family (incl. SIPLUS variants) <V4.1
Siemens · SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0) <V3.X.17
Siemens · SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0) <V3.X.17
Siemens · SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) vers:all/*
Siemens · SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) vers:all/*
Siemens · SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0) vers:all/*
Siemens · SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0) vers:all/*
Siemens · SIPLUS ET 200S IM151-8 PN/DP CPU (6AG1151-8AB01-7AB0) <V3.X.17
Siemens · SIPLUS ET 200S IM151-8F PN/DP CPU (6AG1151-8FB01-2AB0) <V3.X.17
Siemens · SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0) <V3.X.17
Siemens · SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0) <V3.X.17
Siemens · SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0) <V3.X.17
Siemens · SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0) <V3.X.17
Siemens · SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0) <V3.X.17

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more