← Back to home
ICSA-22-349-21  ·  Published 2022-12-13  ·  View on CISA ICS-CERT ↗

Siemens SCALANCE X-200RNA Switch Devices

CVSS 9.8 CRITICAL

CVEs (83)

CVE-2003-0190 CVE-2003-1562 CVE-2014-8176 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-1787 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2015-4000 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2015-6565 CVE-2015-8325 CVE-2016-0701 CVE-2016-0702 CVE-2016-0703 CVE-2016-0704 CVE-2016-0705 CVE-2016-0777 CVE-2016-0778 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 CVE-2016-1907 CVE-2016-1908 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6210 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6305 CVE-2016-6306 CVE-2016-6307 CVE-2016-6308 CVE-2016-6515 CVE-2016-8858 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2017-3735 CVE-2017-15906 CVE-2018-15473 CVE-2018-20685 CVE-2019-1552 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2019-16905

Remediations

  • Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only
  • Deactivate the webserver if not required, and if deactivation is supported by the product
  • Update to V3.2.7 or later version

Affected Vendors

Siemens

Affected Products (5)

Siemens · SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2) <V3.2.7
Siemens · SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2) <V3.2.7
Siemens · SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3) <V3.2.7
Siemens · SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3) <V3.2.7
Siemens · SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3) <V3.2.7

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more