Publication Date:
Last Update:
Current Version: V1.0
CVSS v3.1 Base Score: 8.7
Un-/Collapse All
Affected Product and Versions Remediation

All versions < V22.1 HotfixRev16
affected by CVE-2024-0056
Update to V22.1 HotfixRev16 or later version

All versions < V22.2 HotfixRev16
affected by CVE-2024-0056
Update to V22.2 HotfixRev16 or later version

All versions < V22.3 HotfixRev15
affected by CVE-2024-0056
Update to V22.3 HotfixRev15 or later version

All versions < V23.1 HotfixRev14
affected by CVE-2024-0056
Update to V23.1 HotfixRev14 or later version

All versions < V23.2 HotfixRev13
affected by CVE-2024-0056
Update to V23.2 HotfixRev13 or later version

All versions < V23.3 HotfixRev11
affected by CVE-2024-0056
Update to V23.3 HotfixRev11 or later version

Product-specific remediations or mitigations can be found in the section Affected Products and Solution.
Please follow the General Security Recommendations.

As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.

Un-/Collapse All

This chapter describes all vulnerabilities (CVE-IDs) addressed in this security advisory. Wherever applicable, it also documents the product-specific impact of the individual vulnerabilities.

CVSS v3.1 Base Score 8.7
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
CWE CWE-319: Cleartext Transmission of Sensitive Information

  • Milestone PSIRT for reporting and coordinated disclosure

For additional information regarding the vulnerability see

https://www.siemens.com/cert/advisories
V1.0 (2024-11-13): Publication Date