← Back to home
ICSA-22-132-13  ·  Published 2022-08-09  ·  View on CISA ICS-CERT ↗

Siemens Industrial Devices using libcurl

CVSS 8.1 HIGH

CVEs (2)

Remediations

  • Update to V1.1 or later version
  • Update to V3.0.22 or later version
  • Update to V3.3.46 or later version
  • Use the certificate projection feature to pin the valid certificates of external servers providing the services E-mail and DynDNS to the affected devices. To do this, see the description in the sections "Ca Certificate" in the chapters "E-Mail" and "DynDNS" in the manual
  • Currently no fix is planned
  • Update to V7.1 or later version
  • Update to V5.0.14 or later version
  • Update to V3.1 or later version

Affected Vendors

Siemens

Affected Products (34)

Siemens · LOGO! CMR family vers:all/*
Siemens · RUGGEDCOM RM1224 LTE(4G) EU <V7.1
Siemens · RUGGEDCOM RM1224 LTE(4G) NAM <V7.1
Siemens · SCALANCE M804PB <V7.1
Siemens · SCALANCE M812-1 ADSL-Router (Annex A) <V7.1
Siemens · SCALANCE M812-1 ADSL-Router (Annex B) <V7.1
Siemens · SCALANCE M816-1 ADSL-Router (Annex A) <V7.1
Siemens · SCALANCE M816-1 ADSL-Router (Annex B) <V7.1
Siemens · SCALANCE M826-2 SHDSL-Router <V7.1
Siemens · SCALANCE M874-2 <V7.1
Siemens · SCALANCE M874-3 <V7.1
Siemens · SCALANCE M876-3 (EVDO) <V7.1
Siemens · SCALANCE M876-3 (ROK) <V7.1
Siemens · SCALANCE M876-4 (EU) <V7.1
Siemens · SCALANCE M876-4 (NAM) <V7.1
Siemens · SCALANCE MUM856-1 (EU) <V7.1
Siemens · SCALANCE MUM856-1 (RoW) <V7.1
Siemens · SCALANCE S615 <V7.1
Siemens · SIMATIC CP 1242-7 V2 <V3.3.46
Siemens · SIMATIC CP 1243-1 <V3.3.46
Siemens · SIMATIC CP 1243-7 LTE EU <V3.3.46
Siemens · SIMATIC CP 1243-7 LTE US <V3.3.46
Siemens · SIMATIC CP 1243-8 IRC <V3.3.46
Siemens · SIMATIC CP 1543-1 <V3.0.22
Siemens · SIMATIC CP 1545-1 <V1.1
Siemens · SIMATIC RTU3010C <V5.0.14
Siemens · SIMATIC RTU3030C <V5.0.14
Siemens · SIMATIC RTU3031C <V5.0.14
Siemens · SIMATIC RTU3041C <V5.0.14
Siemens · SINEMA Remote Connect Client <V3.1
Siemens · SIPLUS NET CP 1242-7 V2 <V3.3.46
Siemens · SIPLUS NET CP 1543-1 <V3.0.22
Siemens · SIPLUS S7-1200 CP 1243-1 <V3.3.46
Siemens · SIPLUS S7-1200 CP 1243-1 RAIL <V3.3.46

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more