VDB
ICSA-24-319-06
ICSA-24-319-06
PUBLISHED
CVSS 7.099999904632568 HIGH
SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions.
Risk Scores
CVSS v3.1
7.099999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) | ||
| SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) | ||
| SCALANCE M874-3 (6GK5874-3AA00-2AA2) | ||
| RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) | ||
| SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) | ||
| SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) | ||
| SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) | ||
| RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) | ||
| SCALANCE M876-4 (6GK5876-4AA10-2BA2) | ||
| SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) | ||
| SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) | ||
| SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) | ||
| SCALANCE M874-2 (6GK5874-2AA00-2AA2) | ||
| SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) | ||
| SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) | ||
| SCALANCE M804PB (6GK5804-0AP00-2AA2) | ||
| SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) | ||
| SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) | ||
| SCALANCE M876-3 (6GK5876-3AA02-2BA2) | ||
| SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) |
Timeline
- Nov 12, 2024 CVE Published
- May 6, 2025 CVE Updated
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-354112.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-354112.html advisory
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-319-06.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-06 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://support.industry.siemens.com/cs/ww/en/view/109976047/ fix