← Back to home
ICSA-21-068-03  ·  Published 2025-05-06  ·  View on CISA ICS-CERT ↗

Siemens SCALANCE and RUGGEDCOM Devices (Update A)

CVSS 8.8 HIGH

CVEs (1)

Remediations

  • Update to V6.4 or later version
  • Update to V2.1.3 or later version
  • Update to V4.1 or later version
  • Update to V6.2 or later version
  • Deactivate the STP passive listening feature of the vulnerable devices

Affected Vendors

Siemens

Affected Products (11)

Siemens · RUGGEDCOM RM1224 >=V4.3_and_<V6.4
Siemens · SCALANCE M-800 >=V4.3_and_<V6.4
Siemens · SCALANCE S615 >=V4.3_and_<V6.4
Siemens · SCALANCE SC-600 Family >=V2.0_and_<V2.1.3
Siemens · SCALANCE XB-200 <V4.1
Siemens · SCALANCE XC-200 <V4.1
Siemens · SCALANCE XF-200BA <V4.1
Siemens · SCALANCE XM400 <V6.2
Siemens · SCALANCE XP-200 <V4.1
Siemens · SCALANCE XR500 <V6.2
Siemens · SCALANCE XR-300WG <V4.1

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more