ICSA-21-222-05 · Published 2024-02-13 · View on CISA ICS-CERT ↗

Siemens Industrial Products Intel CPUs (Update F)

CVSS 7.5 HIGH

CVEs (12)

CVE-2020-8670 CVE-2020-8703 CVE-2020-8704 CVE-2020-12357 CVE-2020-12358 CVE-2020-12360 CVE-2020-24486 CVE-2020-24506 CVE-2020-24507 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513

Remediations

As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code if possible.
Currently no fix is planned
Update BIOS to V26.01.08 or later version
Update BIOS to V01.04.00 or later version
Update BIOS to V21.01.16 or later version
Update BIOS to V1.4.3 or later version
Update BIOS to V25.02.10 or later version
Update BIOS to V23.01.10 or later version
Update BIOS to V08.00.00.00 or later version SINUMERIK software can be obtained from your local Siemens account manager.
Update BIOS to V05.00.00.00 or later version SINUMERIK software can be obtained from your local Siemens account manager.
Update BIOS to V05.00.00.00 or later version SINUMERIK software can be obtained from your local Siemens account manager.
Update BIOS to V06.00.00.00 or later version SINUMERIK software can be obtained from your local Siemens account manager.
Update BIOS to V22.01.10 or later version
Update BIOS to V0209_0105 or later version
Update BIOS to V27.01.07 or later version

Affected Vendors

Siemens

Affected Products (25)

Siemens · SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) vers:all/*

Siemens · SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) vers:all/*

Siemens · SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) <V0209_0105

Siemens · SIMATIC Field PG M5 <V22.01.10

Siemens · SIMATIC Field PG M6 <V26.01.08

Siemens · SIMATIC IPC127E <V27.01.07

Siemens · SIMATIC IPC347G <V01.04.00

Siemens · SIMATIC IPC427E <V21.01.16

Siemens · SIMATIC IPC477E <V21.01.16

Siemens · SIMATIC IPC477E Pro <V21.01.16

Siemens · SIMATIC IPC527G <V1.4.3

Siemens · SIMATIC IPC547G vers:all/*

Siemens · SIMATIC IPC627E <BIOS_V25.02.10

Siemens · SIMATIC IPC647E <BIOS_V25.02.10

Siemens · SIMATIC IPC677E <BIOS_V25.02.10

Siemens · SIMATIC IPC847E <BIOS_V25.02.10

Siemens · SIMATIC IPC3000 SMART V3 <V01.04.00

Siemens · SIMATIC ITP1000 <V23.01.10

Siemens · SIMATIC S7-1500 CPU 1518-4 PN/DP MFP family (incl. SIPLUS variant) vers:all/*

Siemens · SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) vers:all/*

Siemens · SINUMERIK 828D HW PU.4 <V08.00.00.00

Siemens · SINUMERIK MC MCU 1720 <V05.00.00.00

Siemens · SINUMERIK ONE / SINUMERIK 840D sl Handheld Terminal HT 10 <V08.00.00.00

Siemens · SINUMERIK ONE NCU 1740 <V05.00.00.00

Siemens · SINUMERIK ONE PPU 1740 <V06.00.00.00

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more