VDB
ICSA-24-228-01
ICSA-24-228-01
PUBLISHED
CVSS 2.700000047683716 LOW
SCALANCE M-800 family before V8.1 is affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions.
Risk Scores
CVSS v3.1
2.700000047683716
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) | ||
| SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) | ||
| RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) | ||
| SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) | ||
| SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) | ||
| SCALANCE M874-2 (6GK5874-2AA00-2AA2) | ||
| SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) | ||
| SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) | ||
| SCALANCE M804PB (6GK5804-0AP00-2AA2) | ||
| SCALANCE M874-3 (6GK5874-3AA00-2AA2) | ||
| SCALANCE M876-4 (6GK5876-4AA10-2BA2) | ||
| SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) | ||
| SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) | ||
| SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) | ||
| SCALANCE M876-3 (6GK5876-3AA02-2BA2) | ||
| SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) | ||
| SCALANCE M816-1 ADSL-Router family | ||
| SCALANCE M812-1 ADSL-Router family | ||
| SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) | ||
| SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) |
Timeline
- Aug 13, 2024 CVE Published
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-087301.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-087301.html advisory
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-228-01.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-01 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://support.industry.siemens.com/cs/ww/en/view/109971718/ fix