← Back to home
ICSA-26-174-03  ·  Published 2026-06-23  ·  View on CISA ICS-CERT ↗

Siemens Products using OpenSSL

CVSS 9.8 CRITICAL

Risk Summary

OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service (DoS) or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.

CVEs (1)

Remediations

  • As a defense-in-depth measure, organizations may review whether affected systems are exposed to untrusted CMS/PKCS#7 content from external sources.
  • Do not accept files from untrusted and unvalidated sources in the affected applications
  • Restrict the port at the host with the DeviceConnectionProxy to secure destinations
  • Securing the connected email server as follows: • Configure the email server to enforce encrypted communication (TLS/SSL) for all SMTP connections. • Restrict access to the email server to trusted systems only (e.g., by using firewall rules or IP allowlists). • Ensure strong authentication to access the email server. • Keep the email server software and underlying operating system up to date with the latest security patches.
  • Securing the connected email server as follows: • Configure the email server to enforce encrypted communication (TLS/SSL) for all SMTP connections. • Restrict access to the email server to trusted systems only (e.g., by using firewall rules or IP allowlists). • Ensure strong authentication to access the email server. • Keep the email server software and underlying operating system up to date with the latest security patches.
  • The hardening instructions mentioned in the products security concept should be followed
  • Currently no fix is planned
  • Currently no fix is available
  • Update to V1.0 SP2 Update 5 or later version
  • Update to V1.8.0 or later version
  • Update to V17 Update 9 or later version
  • Update to V17.9 or later version
  • Update to V2.15.3.0 or later version
  • Update to V21 or later version
  • Update to V3.19 P024 or later version
  • Update to V3.20 P012 or later version
  • Update to V3.21 P02 or later version
  • Update to V3.3.2 or later version
  • Update to V5.7 SP4 or later version
  • Contact customer support [email protected]
  • Contact customer support

Affected Vendors

Siemens

Affected Products (137)

Siemens · AI Lightweight Inference Server vers:all/*
Siemens · Connector for Azure vers:intdot/<1.8.0
Siemens · Databus vers:intdot/<3.3.2
Siemens · HiMed Cockpit vers:all/*
Siemens · RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) vers:all/*
Siemens · RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) vers:all/*
Siemens · SCALANCE LPE9403 (6GK5998-3GS00-2AC2) vers:all/*
Siemens · SCALANCE LPE9413 (6GK5998-3GS01-2AC2) vers:all/*
Siemens · SCALANCE LPE9433 (6GK5998-3GS11-2AC2) vers:all/*
Siemens · SCALANCE M804PB (6GK5804-0AP00-2AA2) vers:all/*
Siemens · SCALANCE M812-1 ADSL-Router family vers:all/*
Siemens · SCALANCE M816-1 ADSL-Router family vers:all/*
Siemens · SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) vers:all/*
Siemens · SCALANCE M874-2 (6GK5874-2AA00-2AA2) vers:all/*
Siemens · SCALANCE M874-3 (6GK5874-3AA00-2AA2) vers:all/*
Siemens · SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) vers:all/*
Siemens · SCALANCE M876-3 (6GK5876-3AA02-2BA2) vers:all/*
Siemens · SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) vers:all/*
Siemens · SCALANCE M876-4 (6GK5876-4AA10-2BA2) vers:all/*
Siemens · SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) vers:all/*
Siemens · SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) vers:all/*
Siemens · SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) vers:all/*
Siemens · SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) vers:all/*
Siemens · SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) vers:all/*
Siemens · SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) vers:all/*
Siemens · SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) vers:all/*
Siemens · SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) vers:all/*
Siemens · SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) vers:all/*
Siemens · SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) vers:all/*
Siemens · SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) vers:all/*
Siemens · SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) vers:all/*
Siemens · SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) vers:all/*
Siemens · SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) vers:all/*
Siemens · SCALANCE SC622-2C (6GK5622-2GS00-2AC2) vers:all/*
Siemens · SCALANCE SC626-2C (6GK5626-2GS00-2AC2) vers:all/*
Siemens · SCALANCE SC632-2C (6GK5632-2GS00-2AC2) vers:all/*
Siemens · SCALANCE SC636-2C (6GK5636-2GS00-2AC2) vers:all/*
Siemens · SCALANCE SC642-2C (6GK5642-2GS00-2AC2) vers:all/*
Siemens · SCALANCE SC646-2C (6GK5646-2GS00-2AC2) vers:all/*
Siemens · SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) vers:all/*
Siemens · SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) vers:all/*
Siemens · SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) vers:all/*
Siemens · SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) vers:all/*
Siemens · SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) vers:all/*
Siemens · SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) vers:all/*
Siemens · SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) vers:all/*
Siemens · SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) vers:all/*
Siemens · SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) vers:all/*
Siemens · SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) vers:all/*
Siemens · SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) vers:all/*
Siemens · SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) vers:all/*
Siemens · SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) vers:all/*
Siemens · SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) vers:all/*
Siemens · SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) vers:all/*
Siemens · SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) vers:all/*
Siemens · SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) vers:all/*
Siemens · SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) vers:all/*
Siemens · SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) vers:all/*
Siemens · SCALANCE XC316-8 (6GK5324-8TS00-2AC2) vers:all/*
Siemens · SCALANCE XC324-4 (6GK5328-4TS00-2AC2) vers:all/*
Siemens · SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) vers:all/*
Siemens · SCALANCE XC332 (6GK5332-0GA00-2AC2) vers:all/*
Siemens · SCALANCE XC416-8 (6GK5424-8TR00-2AC2) vers:all/*
Siemens · SCALANCE XC424-4 (6GK5428-4TR00-2AC2) vers:all/*
Siemens · SCALANCE XC432 (6GK5432-0GR00-2AC2) vers:all/*
Siemens · SCALANCE XR302-32 (6GK5334-5TS00-2AR3) vers:all/*
Siemens · SCALANCE XR302-32 (6GK5334-5TS00-3AR3) vers:all/*
Siemens · SCALANCE XR302-32 (6GK5334-5TS00-4AR3) vers:all/*
Siemens · SCALANCE XR322-12 (6GK5334-3TS00-2AR3) vers:all/*
Siemens · SCALANCE XR322-12 (6GK5334-3TS00-3AR3) vers:all/*
Siemens · SCALANCE XR322-12 (6GK5334-3TS00-4AR3) vers:all/*
Siemens · SCALANCE XR326-8 (6GK5334-2TS00-2AR3) vers:all/*
Siemens · SCALANCE XR326-8 (6GK5334-2TS00-3AR3) vers:all/*
Siemens · SCALANCE XR326-8 (6GK5334-2TS00-4AR3) vers:all/*
Siemens · SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) vers:all/*
Siemens · SCALANCE XR502-32 (6GK5534-5TR00-2AR3) vers:all/*
Siemens · SCALANCE XR502-32 (6GK5534-5TR00-3AR3) vers:all/*
Siemens · SCALANCE XR502-32 (6GK5534-5TR00-4AR3) vers:all/*
Siemens · SCALANCE XR522-12 (6GK5534-3TR00-2AR3) vers:all/*
Siemens · SCALANCE XR522-12 (6GK5534-3TR00-3AR3) vers:all/*
Siemens · SCALANCE XR522-12 (6GK5534-3TR00-4AR3) vers:all/*
Siemens · SCALANCE XR524-8WG (6GK5532-2SR00-2AR3) vers:all/*
Siemens · SCALANCE XR524-8WG (6GK5532-2SR00-2RR3) vers:all/*
Siemens · SCALANCE XR524-8WG (6GK5532-2SR00-3AR3) vers:all/*
Siemens · SCALANCE XR524-8WG (6GK5532-2SR00-3RR3) vers:all/*
Siemens · SCALANCE XR526-8 (6GK5534-2TR00-2AR3) vers:all/*
Siemens · SCALANCE XR526-8 (6GK5534-2TR00-3AR3) vers:all/*
Siemens · SCALANCE XR526-8 (6GK5534-2TR00-4AR3) vers:all/*
Siemens · Shopfloor IT Suite vers:all/*
Siemens · SIDIS Prime vers:intdot/>=4.0.700
Siemens · Siemens OPC UA Modelling Editor (SiOME) vers:all/*
Siemens · SIMATIC Comfort/Mobile RT vers:all/*
Siemens · SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8) vers:all/*
Siemens · SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8) vers:all/*
Siemens · SIMATIC HMI Basic Panels vers:intdot/<17.0.9
Siemens · SIMATIC HMI Comfort Panels vers:intdot/<17.0.9
Siemens · SIMATIC HMI Mobile Panels vers:intdot/<17.0.9
Siemens · SIMATIC IOT2050 (6ES7647-0BA00-1YA2) vers:all/*
Siemens · SIMATIC IPC BX-21A vers:all/*
Siemens · SIMATIC IPC MD-57A vers:all/*
Siemens · SIMATIC IPC ORCLA vers:all/*
Siemens · SIMATIC PDM V9.3 vers:all/*
Siemens · SIMATIC RTLS Locating Manager (6GT2780-0DA00) vers:all/*
Siemens · SIMATIC RTLS Locating Manager (6GT2780-0DA10) vers:all/*
Siemens · SIMATIC RTLS Locating Manager (6GT2780-0DA20) vers:all/*
Siemens · SIMATIC RTLS Locating Manager (6GT2780-0DA30) vers:all/*
Siemens · SIMATIC RTLS Locating Manager (6GT2780-1EA10) vers:all/*
Siemens · SIMATIC RTLS Locating Manager (6GT2780-1EA20) vers:all/*
Siemens · SIMATIC RTLS Locating Manager (6GT2780-1EA30) vers:all/*
Siemens · SIMATIC STEP 7 V5 vers:intdot/<5.7.4
Siemens · SIMATIC Target vers:all/*
Siemens · SIMATIC WinCC OA V3.19 vers:intdot/<3.19.024
Siemens · SIMATIC WinCC OA V3.20 vers:intdot/<3.20.012
Siemens · SIMATIC WinCC OA V3.21 vers:intdot/<3.21.02
Siemens · SIMATIC WinCC Runtime Advanced V17 vers:intdot/<17.0.9
Siemens · SIMATIC WinCC Unified Sequence vers:intdot/<21
Siemens · SIMATIC WinCC V7.5 vers:all/*
Siemens · SIMATIC WinCC V8.0 vers:all/*
Siemens · SIMATIC WinCC V8.1 vers:all/*
Siemens · SIMOTION OACAMGEN (6AU1820-3EA20-0AB0) vers:all/*
Siemens · SIMOVE Fleetmanager V3.1 vers:all/*
Siemens · SIMOVE Fleetmanager V3.2 vers:all/*
Siemens · SIMOVE Fleetmanager V3.3 vers:all/*
Siemens · SINAMICS G200 vers:intdot/>=6.3
Siemens · SINAMICS G220 vers:intdot/>=6.3
Siemens · SINAMICS S200 vers:intdot/>=6.3
Siemens · SINAMICS S210 vers:intdot/>=6.3
Siemens · SINAMICS S220 vers:intdot/>=6.3
Siemens · SINEC INS vers:intdot/<1.0.2.5
Siemens · SINEC NMS vers:all/*
Siemens · SINEC Security Monitor vers:all/*
Siemens · SINUMERIK Access MyMachine /OPC UA vers:all/*
Siemens · SIPLANT vers:all/*
Siemens · SITRANS ASM IQ vers:all/*
Siemens · SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ) vers:all/*
Siemens · User Management Component (UMC) vers:intdot/<2.15.3.0
Siemens · Visual Inspection Cockpit vers:all/*

Affected Sectors

Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more