ICSA-23-285-02 · Published 2023-10-10 · View on CISA ICS-CERT ↗

Siemens SCALANCE W1750D

CVSS 9.8 CRITICAL

CVEs (13)

CVE-2023-22779 CVE-2023-22780 CVE-2023-22781 CVE-2023-22782 CVE-2023-22783 CVE-2023-22784 CVE-2023-22785 CVE-2023-22786 CVE-2023-22787 CVE-2023-22788 CVE-2023-22789 CVE-2023-22790 CVE-2023-22791

Remediations

CVE-2023-22779, CVE-2023-22780, CVE-2023-22781, CVE-2023-22782, CVE-2023-22783, CVE-2023-22784, CVE-2023-22785, CVE-2023-22786: Enable cluster-security via the cluster-security command
Update to V8.10.0.6 or later version The update is available upon request from customer support
Restrict the command line interface and web-based management interfaces to a dedicated layer 2 segment/VLAN and/or controll them by firewall policies at layer 3 and above
CVE-2023-22787: Block access to port UDP/8211 from untrusted networks

Affected Vendors

Siemens

Affected Products (3)

Siemens · SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0) <V8.10.0.6

Siemens · SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0) <V8.10.0.6

Siemens · SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0) <V8.10.0.6

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more