ICSA-24-046-01 · Published 2024-04-09 · View on CISA ICS-CERT ↗

Siemens SCALANCE W1750D

CVSS 9.8 CRITICAL

CVEs (14)

CVE-2023-45614 CVE-2023-45615 CVE-2023-45616 CVE-2023-45617 CVE-2023-45618 CVE-2023-45619 CVE-2023-45620 CVE-2023-45621 CVE-2023-45622 CVE-2023-45623 CVE-2023-45624 CVE-2023-45625 CVE-2023-45626 CVE-2023-45627

Remediations

CVE-2023-45614, CVE-2023-45615, CVE-2023-45616, CVE-2023-45617, CVE-2023-45618, CVE-2023-45619, CVE-2023-45620, CVE-2023-45621, CVE-2023-45622, CVE-2023-45623, CVE-2023-45624: Enabling cluster-security via the cluster-security command will prevent the vulnerabilities from being exploited
Update to V8.10.0.9 or later version The update is available upon request from customer support
CVE-2023-45625, CVE-2023-45626, CVE-2023-45627: The CLI and web-based management interfaces should be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above

Affected Vendors

Siemens

Affected Products (3)

Siemens · SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0) <V8.10.0.9

Siemens · SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0) <V8.10.0.9

Siemens · SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0) <V8.10.0.9

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more