ICSA-23-348-08
·
Published 2024-03-12
·
View on CISA ICS-CERT ↗
Siemens Web Server of Industrial Products
CVSS 7.5
HIGH
CVEs (1)
Remediations
- Restrict network access to the integrated webserver
- Currently no fix is planned
- Update to V3.0.37 or later version
- Update to V3.4.29 or later version
- Update to V6.1 HF2 or later version
Affected Vendors
Siemens
Affected Products (9)
Siemens
·
SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)
<V3.4.29
Siemens
·
SIMATIC CP 1243-1 (incl. SIPLUS variants)
<V3.4.29
Siemens
·
SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)
vers:all/*
Siemens
·
SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)
<V3.4.29
Siemens
·
SIMATIC CP 1243-7 LTE
<V3.4.29
Siemens
·
SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)
<V3.4.29
Siemens
·
SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0)
<V3.0.37
Siemens
·
SINAMICS S210 (6SL5...)
>=V6.1_<V6.1_HF2
Siemens
·
SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0)
<V3.0.37
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more