← Back to home
ICSA-22-104-05  ·  Published 2024-01-09  ·  View on CISA ICS-CERT ↗

Siemens OpenSSL Vulnerabilities in Industrial Products

CVSS 5.9 MEDIUM

CVEs (1)

Remediations

  • Restrict access to Remote Access service, if used, to mitigate this issue. This service is disabled by default.
  • Restrict access to the command interface, if used, to mitigate this issue. This interface is disabled by default.
  • Update ROX II to V2.14.1 ( https://support.industry.siemens.com/cs/ww/en/view/109800780/) or later version
  • use TLS v1.3 only
  • Currently no fix is planned
  • Update to V2.2.28 or later version
  • Update to V3.1 or later version
  • Update to V7.5 or later version
  • Update to V17.0 Upd 2 or later version
  • Update to V1.0 SP2
  • Update to V14 SP3 or later version
  • Update to V4.5.2 or later version
  • Update to V4.0 or later version
  • Update to V2.2 or later version
  • Update to V1.1 or later version
  • Update to V17 Update 1 or later version
  • Update to V7.1 or later version
  • Update to V2.0 or later version
  • Update to V3.3.46 or later version
  • Update to V2.9.3 or later version
  • Update to V3.1 SP1 or later version
  • Update to V1.6 Upd5 or later version
  • Update to V9.2 SP 1 or later version
  • Update to V3.0 or later version
  • Update to V6.4 or later version
  • Update to V4.3 or later version
  • Update to V1.0 SP4 or later version
  • Update to V9.1 or later version
  • Update SIMATIC PCS neo to V3.1 or later version To obtain SIMATIC PCS neo V3.1 contact your local support.
  • Update to V2.1.4 or later version
  • Update to V1.6 or later version
  • Update to V5.3 or later version

Affected Vendors

Siemens

Affected Products (95)

Siemens · RUGGEDCOM CROSSBOW Station Access Controller (SAC) >=V5.2.0|<V5.3_only_when_running_on_ROX_II_V2.14.0
Siemens · RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) >=V6.2<V7.1
Siemens · RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) >=V6.2<V7.1
Siemens · SCALANCE LPE9403 (6GK5998-3GS00-2AC2) <V1.1
Siemens · SCALANCE M804PB (6GK5804-0AP00-2AA2) >=V6.2<V7.1
Siemens · SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) >=V6.2<V7.1
Siemens · SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) >=V6.2<V7.1
Siemens · SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) >=V6.2<V7.1
Siemens · SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) >=V6.2<V7.1
Siemens · SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) >=V6.2<V7.1
Siemens · SCALANCE M874-2 (6GK5874-2AA00-2AA2) >=V6.2<V7.1
Siemens · SCALANCE M874-3 (6GK5874-3AA00-2AA2) >=V6.2<V7.1
Siemens · SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) >=V6.2<V7.1
Siemens · SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) >=V6.2<V7.1
Siemens · SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) >=V6.2<V7.1
Siemens · SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) >=V6.2<V7.1
Siemens · SCALANCE S602 >=V4.1
Siemens · SCALANCE S612 >=V4.1
Siemens · SCALANCE S615 (6GK5615-0AA00-2AA2) >=V6.2<V7.1
Siemens · SCALANCE S623 >=V4.1
Siemens · SCALANCE S627-2M >=V4.1
Siemens · SCALANCE SC622-2C (6GK5622-2GS00-2AC2) >=V2.0<V2.1.4
Siemens · SCALANCE SC632-2C (6GK5632-2GS00-2AC2) >=V2.0<V2.1.4
Siemens · SCALANCE SC636-2C (6GK5636-2GS00-2AC2) >=V2.0<V2.1.4
Siemens · SCALANCE SC642-2C (6GK5642-2GS00-2AC2) >=V2.0<V2.1.4
Siemens · SCALANCE SC646-2C (6GK5646-2GS00-2AC2) >=V2.0<V2.1.4
Siemens · SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) >=V2.0<V3.0
Siemens · SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) >=V2.0<V3.0
Siemens · SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) >=V2.0<V3.0
Siemens · SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) >=V2.0<V3.0
Siemens · SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) >=V2.0<V3.0
Siemens · SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) >=V2.0<V3.0
Siemens · SCALANCE W-700 IEEE 802.11n family >=V6.5
Siemens · SCALANCE XB-200 <V4.3
Siemens · SCALANCE XC-200 <V4.3
Siemens · SCALANCE XF-200BA <V4.3
Siemens · SCALANCE XM-400 <V6.4
Siemens · SCALANCE XP-200 <V4.3
Siemens · SCALANCE XR-300WG <V4.3
Siemens · SCALANCE XR-500 Family <V6.4
Siemens · SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00) >=V1.1<V1.6
Siemens · SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00) >=V1.1<V1.6
Siemens · SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) >=V3.1<V3.3.46
Siemens · SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) >=V3.1<V3.3.46
Siemens · SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) >=V3.1<V3.3.46
Siemens · SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) >=V3.1<V3.3.46
Siemens · SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) >=V3.1<V3.3.46
Siemens · SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) >=V2.1<V2.2.28
Siemens · SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) >=V2.2<V3.0
Siemens · SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) >=V2.1<V2.2.28
Siemens · SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0) >=V1.0<V1.1
Siemens · SIMATIC HMI Comfort Outdoor Panels (incl. SIPLUS variants) <V17.0_Upd_2
Siemens · SIMATIC HMI Comfort Panels (incl. SIPLUS variants) <V17.0_Upd_2
Siemens · SIMATIC HMI KTP Mobile Panels <V17.0_Upd_2
Siemens · SIMATIC Logon V1.6 >=V1.6_Upd2|<V1.6_Upd5
Siemens · SIMATIC MV540 H (6GF3540-0GE10) <V3.1
Siemens · SIMATIC MV540 S (6GF3540-0CD10) <V3.1
Siemens · SIMATIC MV550 H (6GF3550-0GE10) <V3.1
Siemens · SIMATIC MV550 S (6GF3550-0CD10) <V3.1
Siemens · SIMATIC MV560 U (6GF3560-0LE10) <V3.1
Siemens · SIMATIC MV560 X (6GF3560-0HE10) <V3.1
Siemens · SIMATIC PCS 7 TeleControl <V9.1
Siemens · SIMATIC PCS neo <V3.1
Siemens · SIMATIC PDM >=V9.1_SP7|<V9.2_SP1
Siemens · SIMATIC Process Historian OPC UA Server >=2019|<2020_Upd1
Siemens · SIMATIC RF166C (6GT2002-0EE20) <V2.0
Siemens · SIMATIC RF185C (6GT2002-0JE10) <V2.0
Siemens · SIMATIC RF186C (6GT2002-0JE20) <V2.0
Siemens · SIMATIC RF186CI (6GT2002-0JE50) <V2.0
Siemens · SIMATIC RF188C (6GT2002-0JE40) <V2.0
Siemens · SIMATIC RF188CI (6GT2002-0JE60) <V2.0
Siemens · SIMATIC RF360R (6GT2801-5BA30) <V2.0
Siemens · SIMATIC RF610R (6GT2811-6BC10) <V4.0
Siemens · SIMATIC RF615R (6GT2811-6CC10) <V4.0
Siemens · SIMATIC RF650R (6GT2811-6AB20) <V4.0
Siemens · SIMATIC RF680R (6GT2811-6AA10) <V4.0
Siemens · SIMATIC RF685R (6GT2811-6CA10) <V4.0
Siemens · SIMATIC S7-1200 CPU family (incl. SIPLUS variants) <V4.5.2
Siemens · SIMATIC S7-1500 CPU 1518-4 PN/DP MFP family (incl. SIPLUS variant) <V2.9.3
Siemens · SIMATIC WinCC Runtime Advanced <V17_Update_1
Siemens · SIMATIC WinCC TeleControl <V7.5
Siemens · SINAMICS Connect 300 vers:all/*
Siemens · SINEC NMS >=V1.0.1<V1.0.2
Siemens · SINEMA Server <V14_V14_SP3
Siemens · SINUMERIK OPC UA Server <V3.1_SP1
Siemens · SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) >=V2.1<V2.2.28
Siemens · SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) >=V2.1<V2.2.28
Siemens · SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) >=V2.1<V2.2.28
Siemens · SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) >=V3.1<V3.3.46
Siemens · SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) >=V2.2<V3.0
Siemens · SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) >=V3.1<V3.3.46
Siemens · SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) >=V3.1<V3.3.46
Siemens · SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) >=V2.0<V2.2
Siemens · TIA Administrator <V1.0_SP4
Siemens · TIM 1531 IRC (6GK7543-1MX00-0XE0) >=V2.0<V2.2

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more