ICSA-22-167-10
·
Published 2022-06-14
·
View on CISA ICS-CERT ↗
Siemens SCALANCE XM-400 and XR-500
CVSS 5.9
MEDIUM
CVEs (1)
Remediations
- Update to V6.5 or later version
- Disable OSPF in the layer 3 configuration menu (note that OSPF is disabled by default). The vulnerability is not exploitable, when OSPF is disabled
- If OSPF is used, set a password for the OSPF interface and enable MD5 authentication
Affected Vendors
Siemens
Affected Products (26)
Siemens
·
SCALANCE XM408-4C
<V6.5
Siemens
·
SCALANCE XM408-4C (L3 int.)
<V6.5
Siemens
·
SCALANCE XM408-8C
<V6.5
Siemens
·
SCALANCE XM408-8C (L3 int.)
<V6.5
Siemens
·
SCALANCE XM416-4C
<V6.5
Siemens
·
SCALANCE XM416-4C (L3 int.)
<V6.5
Siemens
·
SCALANCE XR524-8C, 1x230V
<V6.5
Siemens
·
SCALANCE XR524-8C, 1x230V (L3 int.)
<V6.5
Siemens
·
SCALANCE XR524-8C, 2x230V
<V6.5
Siemens
·
SCALANCE XR524-8C, 2x230V (L3 int.)
<V6.5
Siemens
·
SCALANCE XR524-8C, 24V
<V6.5
Siemens
·
SCALANCE XR524-8C, 24V (L3 int.)
<V6.5
Siemens
·
SCALANCE XR526-8C, 1x230V
<V6.5
Siemens
·
SCALANCE XR526-8C, 1x230V (L3 int.)
<V6.5
Siemens
·
SCALANCE XR526-8C, 2x230V
<V6.5
Siemens
·
SCALANCE XR526-8C, 2x230V (L3 int.)
<V6.5
Siemens
·
SCALANCE XR526-8C, 24V
<V6.5
Siemens
·
SCALANCE XR526-8C, 24V (L3 int.)
<V6.5
Siemens
·
SCALANCE XR528-6M
<V6.5
Siemens
·
SCALANCE XR528-6M (2HR2)
<V6.5
Siemens
·
SCALANCE XR528-6M (2HR2, L3 int.)
<V6.5
Siemens
·
SCALANCE XR528-6M (L3 int.)
<V6.5
Siemens
·
SCALANCE XR552-12M
<V6.5
Siemens
·
SCALANCE XR552-12M (2HR2)
<V6.5
Siemens
·
SCALANCE XR552-12M (2HR2)
<V6.5
Siemens
·
SCALANCE XR552-12M (2HR2, L3 int.)
<V6.5
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more