-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # SSA-244969: OpenSSL Vulnerability in Industrial Products Publication Date: 2022-02-08 Last Update: 2023-04-11 Current Version: 2.0 CVSS v3.1 Base Score: 7.4 SUMMARY ======= OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products where updates are not, or not yet available. [0] https://www.openssl.org/news/secadv/20210824.txt AFFECTED PRODUCTS AND SOLUTION ============================== * Industrial Edge - Machine Insight App - Affected versions: All versions - Remediation: Currently no fix is planned * Industrial Edge - PROFINET IO Connector - Affected versions: All versions < V1.1.1 - Remediation: Use the Edge Management System to update to V1.1.1 or later version * RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * RUGGEDCOM ROX MX5000 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX MX5000RE - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX1400 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later 
version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX1500 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX1501 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX1510 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX1511 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX1512 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX1524 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX1536 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * RUGGEDCOM ROX RX5000 - Affected versions: All versions < V2.15.0 - Remediation: Update to V2.15.0 or later version - Download: https://support.industry.siemens.com/cs/document/109805782/ * SCALANCE M804PB (6GK5804-0AP00-2AA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: 
https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M874-2 (6GK5874-2AA00-2AA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M874-3 (6GK5874-3AA00-2AA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE M876-4 (NAM) 
(6GK5876-4AA00-2DA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE S615 (6GK5615-0AA00-2AA2) - Affected versions: All versions < V7.1 - Remediation: Update to V7.1 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109807276/ * SCALANCE SC622-2C (6GK5622-2GS00-2AC2) - Affected versions: All versions < V2.3 - Remediation: Update to V2.3 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805907/ * SCALANCE SC632-2C (6GK5632-2GS00-2AC2) - Affected versions: All versions < V2.3 - Remediation: Update to V2.3 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805907/ * SCALANCE SC636-2C (6GK5636-2GS00-2AC2) - Affected versions: All versions < V2.3 - Remediation: Update to V2.3 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805907/ * SCALANCE SC642-2C (6GK5642-2GS00-2AC2) - Affected versions: All versions < V2.3 - Remediation: Update to V2.3 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805907/ * SCALANCE SC646-2C (6GK5646-2GS00-2AC2) - Affected versions: All versions < V2.3 - Remediation: Update to V2.3 or later version - Download: 
https://support.industry.siemens.com/cs/ww/en/view/109805907/ * SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned 
* SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-2 RJ45 
(6GK5786-2FC00-0AC0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) - Affected versions: All versions - Remediation: Currently no fix is planned * SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) - Affected versions: All versions - 
Remediation: Currently no fix is planned * SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) - Affected versions: All versions < V3.0.0 - Remediation: Update to V3.0.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808629/ * SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) - Affected versions: All versions < V3.0.0 - Remediation: Update to V3.0.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808629/ * SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) - Affected versions: All versions < V3.0.0 - Remediation: Update to V3.0.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808629/ * SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) - Affected versions: All versions < V3.0.0 - Remediation: Update to V3.0.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808629/ * SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) - Affected versions: All versions < V3.0.0 - Remediation: Update to V3.0.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808629/ * SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) - Affected versions: All versions < V3.0.0 - Remediation: Update to V3.0.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808629/ * SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) - Affected versions: All versions < V1.2 - Remediation: Update to V1.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805887/ * SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) - Affected versions: All versions < V1.2 - Remediation: Update to V1.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805887/ * SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) - Affected versions: All versions < V1.2 - Remediation: Update to V1.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805887/ * SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) - Affected 
versions: All versions < V1.2 - Remediation: Update to V1.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805887/ * SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) - Affected versions: All versions < V1.2 - Remediation: Update to V1.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805887/ * SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) - Affected versions: All versions < V1.2 - Remediation: Update to V1.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109805887/ * SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE X201-3P IRT PRO (6GK5201-3JR00-2BA6) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE X202-2IRT (6GK5202-2BB00-2BA3) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE X204-2 (6GK5204-2BB10-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: 
https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X204-2FM (6GK5204-2BB11-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X204-2LD (6GK5204-2BC10-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X204-2TS (6GK5204-2BB10-2CA2) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X204IRT (6GK5204-0BA00-2BA3) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE X206-1 (6GK5206-1BB10-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X206-1LD (6GK5206-1BC10-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X208 (6GK5208-0BA10-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X208PRO (6GK5208-0HA10-2AA6) - Affected versions: All versions < 
V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X212-2 (6GK5212-2BB00-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X212-2LD (6GK5212-2BC00-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X216 (6GK5216-0BA00-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X224 (6GK5224-0BA00-2AA3) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: 
https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X304-2FE (6GK5304-2BD00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: 
https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-3 (6GK5307-3BL00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-3 (6GK5307-3BL10-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-3LD (6GK5307-3BM00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X307-3LD (6GK5307-3BM10-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2 (6GK5308-2FL00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2 
(6GK5308-2FL10-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2LD (6GK5308-2FM00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2LD (6GK5308-2FM10-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2LH (6GK5308-2FN00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2LH (6GK5308-2FN10-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2M (6GK5308-2GG00-2AA2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2M (6GK5308-2GG10-2AA2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: 
https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2M TS (6GK5308-2GG00-2CA2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X308-2M TS (6GK5308-2GG10-2CA2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X310 (6GK5310-0FA00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X310 (6GK5310-0FA10-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X310FE (6GK5310-0BA00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X310FE (6GK5310-0BA10-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X320-1 FE (6GK5320-1BD00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE X408-2 (6GK5408-2FD00-2AA2) - Affected versions: All versions 
< V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XF201-3P IRT (6GK5201-3BH00-2BD2) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE XF204 (6GK5204-0BA00-2AF2) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE XF204-2 (6GK5204-2BC00-2AF2) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE XF204IRT (6GK5204-0BA00-2BF2) - Affected versions: All versions < V5.5.2 - Remediation: Update to V5.5.2 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109817790/ * SCALANCE XF206-1 (6GK5206-1BC00-2AF2) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE XF208 (6GK5208-0BA00-2AF2) - Affected versions: All versions < V5.2.6 - Remediation: Update to V5.2.6 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109811753/ * SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: 
https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/ * SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2) - Affected versions: All versions < V4.1.4 - Remediation: Update to V4.1.4 or later version - Download: 
    https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)
  (6GK5324-4GG00-3ER2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)
  (6GK5324-4GG10-3ER2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)
  (6GK5324-4GG00-3JR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)
  (6GK5324-4GG10-3JR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later
    version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0)
  - Affected versions: All versions < V3.3.46
  - Remediation: Update to V3.3.46 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109812218/
* SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)
  - Affected versions: All versions < V3.3.46
  - Remediation: Update to V3.3.46 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109812218/
* SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)
  - Affected versions: All versions < V3.3.46
  - Remediation: Update to V3.3.46 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109812218/
* SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)
  - Affected versions: All versions < V3.3.46
  - Remediation: Update to V3.3.46 or later version
  - Download:
    https://support.industry.siemens.com/cs/ww/en/view/109812218/
* SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)
  - Affected versions: All versions < V3.3.46
  - Remediation: Update to V3.3.46 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109812218/
* SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)
  - Affected versions: All versions < V2.2.28
  - Remediation: Update to V2.2.28 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109817067/
* SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0)
  - Affected versions: All versions < V3.0.22
  - Remediation: Update to V3.0.22 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808678/
* SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)
  - Affected versions: All versions < V2.2.28
  - Remediation: Update to V2.2.28 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109817067/
* SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0)
  - Affected versions: All versions < V1.1
  - Remediation: Update to V1.1 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109811116/
* SIMATIC PCS neo (Administration Console)
  - Affected versions: All versions < V3.1 SP 1
  - Remediation: Update to V3.1 SP 1 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109807752/
* SIMATIC Process Historian OPC UA Server
  - Affected versions: All versions < V2020 SP1
  - Remediation: Update to V2020 SP1 or later version
    For PCS neo customers: Update to PCS neo V3.1 SP1
    (https://support.industry.siemens.com/cs/ww/de/view/109807752/)
    For PCS 7 customers: Update to PCS 7 V9.1 SP1
    (https://support.industry.siemens.com/cs/ww/en/view/109805073/)
    For WinCC customers: contact local support
* SIMATIC S7-1200 CPU family (incl.
  SIPLUS variants)
  - Affected versions: All versions < V4.5.2
  - Remediation: Update to V4.5.2 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109793280/
* SINEC NMS
  - Affected versions: All versions < V1.0.3
  - Remediation: Update to V1.0.3 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109813788/
* SINEMA Remote Connect Server
  - Affected versions: All versions < V3.1
  - Remediation: Update to V3.1 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109811169/
* SINEMA Server V14
  - Affected versions: All versions
  - Remediation: Currently no fix is planned
* SINUMERIK Operate
  - Affected versions: All versions < V4.95 SP1
  - Remediation: Upgrade to V4.95 SP1 or later version
  - Download: SINUMERIK software can be obtained from your local Siemens
    account manager
* SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)
  - Affected versions: All versions < V2.2.28
  - Remediation: Update to V2.2.28 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109817067/
* SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)
  - Affected versions: All versions < V2.2.28
  - Remediation: Update to V2.2.28 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109817067/
* SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0)
  - Affected versions: All versions < V3.3.46
  - Remediation: Update to V3.3.46 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109812218/
* SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0)
  - Affected versions: All versions < V3.0.22
  - Remediation: Update to V3.0.22 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808678/
* SIPLUS NET SCALANCE X308-2 (6AG1308-2FL10-4AA3)
  - Affected versions: All versions < V4.1.4
  - Remediation: Update to V4.1.4 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109808359/
* SIPLUS S7-1200 CP 1243-1
  (6AG1243-1BX30-2AX0)
  - Affected versions: All versions < V3.3.46
  - Remediation: Update to V3.3.46 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109812218/
* SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)
  - Affected versions: All versions < V3.3.46
  - Remediation: Update to V3.3.46 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/109812218/
* TIA Administrator
  - Affected versions: All versions < V1.0 SP7
  - Remediation: Update to V1.0 SP7 or later version
  - Download: https://support.industry.siemens.com/cs/ww/en/view/114358/

WORKAROUNDS AND MITIGATIONS
===========================

Product-specific remediations or mitigations can be found in the section
"Affected Products and Solution".
Please follow the "General Security Recommendations".

GENERAL SECURITY RECOMMENDATIONS
================================

As a general security measure, Siemens strongly recommends protecting
network access to devices with appropriate mechanisms. In order to operate
the devices in a protected IT environment, Siemens recommends configuring
the environment according to Siemens' operational guidelines for Industrial
Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security),
and following the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at:
https://www.siemens.com/industrialsecurity

PRODUCT DESCRIPTION
===================

The Industrial Edge - Machine Insight App lets you increase your machine's
transparency and lets you get to know the health status with a ready-to-use
application.

The Industrial Edge - PROFINET IO Connector reads PROFINET data and provides
them via Data Bus & Data Service for Industrial Edge devices. Access machine
data to analyze, monitor and process them with Industrial Edge Applications.

SIMATIC Process Historian is the long-term archive system for SIMATIC PCS 7,
SIMATIC WinCC and SIMATIC PCS neo.
It stores process values, alarms and batch data of production plants in its
database and offers historical process data to reporting and visualization
applications.

RUGGEDCOM RM1224 is a 4G router for wireless IP communication from
Ethernet-based devices via LTE(4G) mobile radio.

RUGGEDCOM Ethernet switches are used to operate reliably in electrically
harsh and climatically demanding environments such as electric utility
substations and traffic control cabinets.

SCALANCE M-800, MUM-800 and S615 as well as the RUGGEDCOM RM1224 are
industrial routers.

SCALANCE SC-600 devices (SC622-2C, SC626-2C, SC632-2C, SC636-2C, SC642-2C,
SC646-2C) are used to protect trusted industrial networks from untrusted
networks. They allow filtering incoming and outgoing network connections in
different ways.

SCALANCE W-1700 products are wireless communication devices based on the
IEEE 802.11ac standard. They are used to connect to all sorts of WLAN
devices (Access Points or Clients, depending on the operating mode) with a
strong focus on industrial components, like Programmable Logic Controllers
(PLCs) or Human Machine Interfaces (HMIs) and others.

SCALANCE W-700 products are wireless communication devices based on the
IEEE 802.11ax or 802.11n standard. They are used to connect to all sorts of
WLAN devices (Access Points or Clients, depending on the operating mode)
with a strong focus on industrial components, like Programmable Logic
Controllers (PLCs) or Human Machine Interfaces (HMIs) and others.

SCALANCE X switches are used to connect industrial components like
Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs).

SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect
SIMATIC S7-1200 controllers to Wide Area Networks (WAN). They provide
integrated security functions such as firewall, Virtual Private Networks
(VPN) and support of other protocols with data encryption.

SIMATIC CP 1243-8 IRC communications processors connect SIMATIC S7-1200
controllers via the SINAUT ST7 telecontrol protocol to a control center or
master ST7 stations.

SIMATIC CP 1243-1 communications processors connect S7-1200 controllers to
Ethernet networks. They provide integrated security functions such as
firewall, Virtual Private Networks (VPN) and support of other protocols with
data encryption.

SIMATIC CP 1543-1, CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC
communications processors connect SIMATIC S7-1500 controllers to Ethernet
networks. They provide integrated security functions such as firewall,
Virtual Private Networks (VPN) and support of other protocols with data
encryption.

SIMATIC CP 1545-1 communications processors connect the S7-1500 controllers
to Ethernet networks. They provide integrated security functions such as
firewall, Virtual Private Networks (VPN) and support of other protocols with
data encryption.

SIMATIC PCS neo is a distributed control system (DCS).

SIMATIC S7-1200 CPU products have been designed for discrete and continuous
control in industrial environments such as manufacturing, food and
beverages, and chemical industries worldwide.

SINEC NMS is a new generation of the Network Management System (NMS) for the
Digital Enterprise. This system can be used to centrally monitor, manage,
and configure networks.

SINEMA Remote Connect is a management platform for remote networks that
enables the simple management of tunnel connections (VPN) between
headquarters, service technicians, and installed machines or plants. It
provides both the Remote Connect Server, which is the server application,
and the Remote Connect Client, which is an OpenVPN client for optimal
connection to SINEMA Remote Connect Server.

SINEMA Server is a network monitoring and management software designed by
Siemens for use in Industrial Ethernet networks.

SINUMERIK Operate is a standard Human-Machine-Interface system for SINUMERIK
numerical controls.

SIPLUS extreme products are designed for reliable operation under extreme
conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION,
SCALANCE or other devices. SIPLUS devices use the same firmware as the
product they are based on.

TIA Administrator is a web-based framework that can incorporate different
function modules for administrative tasks, as well as functions for managing
SIMATIC software and licenses.

VULNERABILITY CLASSIFICATION
============================

The vulnerability classification has been performed by using the CVSS
scoring system in version 3.1 (CVSS v3.1) (https://www.first.org/cvss/). The
CVSS environmental score is specific to the customer's environment and will
impact the overall CVSS score. The environmental score should therefore be
individually defined by the customer to accomplish final scoring.

An additional classification has been performed using the CWE
classification, a community-developed list of common software security
weaknesses. This serves as a common language and as a baseline for weakness
identification, mitigation, and prevention efforts. A detailed list of CWE
classes can be found at: https://cwe.mitre.org/.

* Vulnerability CVE-2021-3712

  ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
  structure which contains a buffer holding the string data and a field
  holding the buffer length. This contrasts with normal C strings which are
  represented as a buffer for the string data which is terminated with a
  NUL (0) byte.

  Although not a strict requirement, ASN.1 strings that are parsed using
  OpenSSL's own "d2i" functions (and other similar parsing functions) as
  well as any string whose value has been set with the ASN1_STRING_set()
  function will additionally NUL terminate the byte array in the
  ASN1_STRING structure.
  However, it is possible for applications to directly construct valid
  ASN1_STRING structures which do not NUL terminate the byte array by
  directly setting the "data" and "length" fields in the ASN1_STRING array.
  This can also happen by using the ASN1_STRING_set0() function.

  Numerous OpenSSL functions that print ASN.1 data have been found to assume
  that the ASN1_STRING byte array will be NUL terminated, even though this
  is not guaranteed for strings that have been directly constructed. Where
  an application requests an ASN.1 structure to be printed, and where that
  ASN.1 structure contains ASN1_STRINGs that have been directly constructed
  by the application without NUL terminating the "data" field, then a read
  buffer overrun can occur.

  The same thing can also occur during name constraints processing of
  certificates (for example if a certificate has been directly constructed
  by the application instead of loading it via the OpenSSL parsing
  functions, and the certificate contains non NUL terminated ASN1_STRING
  structures). It can also occur in the X509_get1_email(),
  X509_REQ_get1_email() and X509_get1_ocsp() functions.

  If a malicious actor can cause an application to directly construct an
  ASN1_STRING and then process it through one of the affected OpenSSL
  functions then this issue could be hit. This might result in a crash
  (causing a Denial of Service attack). It could also result in the
  disclosure of private memory contents (such as private keys, or sensitive
  plaintext).

  Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).
  Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).
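
The read overrun described for CVE-2021-3712, reduced to a self-contained C illustration that is added here and is not OpenSSL or Siemens code. The names `lp_string`, `flawed_copy` and `bounded_copy` and the sample bytes are hypothetical and constructed: the flawed copy trusts a NUL terminator, the hardened copy reads only `length` bytes.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the layout the advisory describes: a data buffer
 * plus an explicit length field. This is not OpenSSL's ASN1_STRING type. */
typedef struct {
    int length;
    const unsigned char *data;
} lp_string;

/* Constructed sample: 16 bytes of string data followed, in the same array,
 * by unrelated bytes. No NUL follows byte 16, as can happen when "data" and
 * "length" are set directly. */
static const unsigned char backing[] = "ops@example.testPRIVATE-BYTES";

lp_string sample(void) {
    lp_string s = { 16, backing };
    return s;
}

/* Flawed pattern: treats data as a C string and searches for a terminator.
 * The read stays inside `backing` here, so the demo is well defined, but it
 * runs past s->length; without a NUL in the allocation this is CWE-125. */
size_t flawed_copy(const lp_string *s, char *out, size_t outsz) {
    size_t n;
    if (outsz == 0) return 0;
    n = strlen((const char *)s->data);      /* ignores s->length */
    if (n >= outsz) n = outsz - 1;
    memcpy(out, s->data, n);
    out[n] = '\0';
    return n;
}

/* Hardened pattern: the length field is the only bound on the read. Bytes
 * that are not printable ASCII (including an embedded NUL) become '.', so
 * the output cannot be cut short or carry control characters. */
size_t bounded_copy(const lp_string *s, char *out, size_t outsz) {
    size_t n, i;
    if (outsz == 0) return 0;
    out[0] = '\0';
    if (s == NULL || s->data == NULL || s->length <= 0) return 0;
    n = (size_t)s->length;
    if (n >= outsz) n = outsz - 1;
    for (i = 0; i < n; i++) {
        unsigned char c = s->data[i];
        out[i] = (c >= 0x20 && c < 0x7f) ? (char)c : '.';
    }
    out[n] = '\0';
    return n;
}

int main(void) {
    char buf[64];
    lp_string s = sample();
    size_t n = flawed_copy(&s, buf, sizeof buf);
    printf("flawed : %zu bytes: %s\n", n, buf);
    n = bounded_copy(&s, buf, sizeof buf);
    printf("bounded: %zu bytes: %s\n", n, buf);
    return 0;
}
```

The flawed copy returns the 13 adjacent bytes along with the 16-byte string, which is the memory-disclosure outcome the advisory names; the bounded copy stops at `length`.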
  CVSS v3.1 Base Score: 7.4
  CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C
  CWE: CWE-125: Out-of-bounds Read

ADDITIONAL INFORMATION
======================

For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories

HISTORY DATA
============

V1.0 (2022-02-08): Publication Date
V1.1 (2022-02-17): Added solutions for SIMATIC S7-1200 CPU family and
                   SCALANCE W-700 IEEE 802.11ax family
V1.2 (2022-03-08): Added solution for SINUMERIK Operate and RUGGEDCOM ROX II;
                   Added Industrial Edge products
V1.3 (2022-04-12): Added solution for RUGGEDCOM RCM1224 family, SCALANCE
                   M-800 family, SCALANCE MUM-800 family, SCALANCE S615,
                   SCALANCE X-300/X408 family, SIMATIC PCS neo, SIMATIC
                   Process Historian OPC UA Server, SCALANCE W-1700 (11AC)
                   family, SIMATIC CP 1543-1, and SIPLUS NET CP 1543-1
V1.4 (2022-05-10): Removed Industrial Edge - Inventory App as it is not
                   affected; Added solution for Industrial Edge - PROFINET IO
                   Connector
V1.5 (2022-06-14): Added fix for SIMATIC CP 1545-1 and SINEMA Remote Connect
                   Server
V1.6 (2022-07-12): Added fix for TIA Administrator and SCALANCE X-200 switch
                   family (incl. SIPLUS NET variants). Updated no fix planned
                   for Industrial Edge - Machine Insight App
V1.7 (2022-08-09): Added fix for SIMATIC CP 1242-7 V2, CP 1243-7, CP 1243-1,
                   CP 1243-8
V1.8 (2022-10-11): Added fix for SINEC NMS
V1.9 (2023-03-14): Added fix for SIMATIC CP 1542SP-1 and SIMATIC CP 1543SP-1
V2.0 (2023-04-11): Added fix for SCALANCE X-200IRT switch family

TERMS OF USE
============

Siemens Security Advisories are subject to the terms and conditions
contained in Siemens' underlying license terms or other applicable
agreements previously agreed to with Siemens (hereinafter "License Terms").
To the extent applicable to information, software or documentation made
available in or through a Siemens Security Advisory, the Terms of Use of
Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter
"Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall
apply additionally. In case of conflicts, the License Terms shall prevail
over the Terms of Use.

Copyright: Siemens 2023