← Back to home
ICSA-21-131-03  ·  Published 2023-03-14  ·  View on CISA ICS-CERT ↗

Siemens Linux-based Products (Update J)

CVSS 7.4 HIGH

CVEs (1)

Remediations

  • Use name servers inside corporate environments
  • Restrict access of CLI and web-based management interfaces for the affected devices to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 where possible
  • Disable outgoing ICMP packets by using "service ACLs" to implement blocking rules
  • Update to V2.2.28 or later version
  • Update to V6.4 or later version
  • Update to V3.0 SP1 or later version
  • Update to V2.1.3 or later version
  • Update to V8.7.1.3 or later version
  • Update to V3.3 or later version
  • Update to V3.3.46 or later version
  • Update to V3.0 or later version
  • Update to V1.1 or later version
  • Update to V2.2 Update 1 or later version
  • Update to V1.6 or later version
  • Update to V3.1 or later version

Affected Vendors

Siemens

Affected Products (32)

Siemens · RUGGEDCOM RM1224 family (6GK6108-4AM00) >=V5.0_and_<V6.4
Siemens · SCALANCE M-800 family >=V5.0_and_<V6.4
Siemens · SCALANCE S615 (6GK5615-0AA00-2AA2) >=V5.0_and_<V6.4
Siemens · SCALANCE SC-600 family <V2.1.3
Siemens · SCALANCE W1750D 8.3.0.1|8.6.0|8.7.0
Siemens · SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00) <>_V1.0_and_V1.6
Siemens · SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00) <>_V1.0_and_V1.6
Siemens · SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) >=V3.1.39_<V3.3
Siemens · SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) >=V3.1.39_and_<V3.3.46
Siemens · SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) >=V3.1.39_and_<V3.3
Siemens · SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) >=V3.1.39_and_<V3.3
Siemens · SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) >=V3.1.39_and_<V3.3.46
Siemens · SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) >=V2.0_<V2.2.28
Siemens · SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) >=V2.0_<V2.2.28
Siemens · SIMATIC CP 1543-1 (incl. SIPLUS variants) >=V2.2_and_<V3.0
Siemens · SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) >=V2.0_<V2.2.28
Siemens · SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0) <V1.1
Siemens · SIMATIC MV540 H (6GF3540-0GE10) <V3.1
Siemens · SIMATIC MV540 S (6GF3540-0CD10) <V3.1
Siemens · SIMATIC MV550 H (6GF3550-0GE10) <V3.1
Siemens · SIMATIC MV550 S (6GF3550-0CD10) <V3.1
Siemens · SIMATIC MV560 U (6GF3560-0LE10) <V3.1
Siemens · SIMATIC MV560 X (6GF3560-0HE10) <V3.1
Siemens · SINEMA Remote Connect Server <V3.0_SP1
Siemens · SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) >=V2.0_<V2.2.28
Siemens · SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) >=V2.0_<V2.2.28
Siemens · SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) >=V2.0_<V2.2.28
Siemens · SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) >=V3.1.39_<V3.3
Siemens · SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) >=V3.1.39_and_<V3.3.46
Siemens · SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) >=V3.1.39_and_<V3.3.46
Siemens · SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) <V2.2_Update_1
Siemens · TIM 1531 IRC (6GK7543-1MX00-0XE0) <V2.2_Update_1

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more