ICSA-21-159-11 · Published 2025-05-06 · View on CISA ICS-CERT ↗

Siemens SIMATIC NET CP 443-1 OPC UA

CVSS 9.8 CRITICAL

CVEs (15)

CVE-2015-7705 CVE-2015-7853 CVE-2015-8138 CVE-2016-1547 CVE-2016-1548 CVE-2016-1550 CVE-2016-2518 CVE-2016-4953 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956 CVE-2016-7431 CVE-2016-7433 CVE-2016-9042 CVE-2017-6458

Remediations

Currently no remediation is planned
Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default
Configure an additional firewall to prevent communication to port udp/123 of an affected device

Affected Vendors

Siemens

Affected Products (1)

Siemens · SIMATIC CP 443-1 OPC UA vers:all/*

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more