ICSA-23-348-05
·
Published 2023-12-12
·
View on CISA ICS-CERT ↗
Siemens SIMATIC and SIPLUS Products
CVSS 7.5
HIGH
CVEs (2)
Remediations
- Currently no fix is planned
- Update to V5.2 SP3 HF15 or later version
- Disable the web server of the affected system
- Restrict access to webserver for trusted users only
Affected Vendors
Siemens
Affected Products (9)
Siemens
·
SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0)
vers:all/*
Siemens
·
SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0)
vers:all/*
Siemens
·
SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0)
vers:all/*
Siemens
·
SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0)
vers:all/*
Siemens
·
SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0)
vers:all/*
Siemens
·
SIMATIC PC-Station Plus
vers:all/*
Siemens
·
SINAMICS S120 (incl. SIPLUS variants)
<V5.2_SP3_HF15
Siemens
·
SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0)
vers:all/*
Siemens
·
SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0)
vers:all/*
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more