ICSA-21-131-10
·
Published 2025-05-06
·
View on CISA ICS-CERT ↗
Siemens SCALANCE XM-400 and XR-500 Devices
CVSS 7.5
HIGH
CVEs (1)
Remediations
- Update to V6.4 or later version
- Disable OSPF in the layer 3 configuration menu (note that OSPF is disabled by default). The vulnerability is not exploitable, when OSPF is disabled.
- If OSPF is used, set a password for the OSPF interface and enable MD5 authentication
Affected Vendors
Siemens
Affected Products (2)
Siemens
·
SCALANCE XM-400 Family
<V6.4
Siemens
·
SCALANCE XR-500 Family
<V6.4
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more