VDB
ICSA-25-044-09
ICSA-25-044-09
PUBLISHED
CVSS 7.800000190734863 HIGH
SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) | ||
| SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) | ||
| SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) | ||
| SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) | ||
| SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) | ||
| SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) | ||
| SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) | ||
| SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) | ||
| SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) | ||
| SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) | ||
| SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) | ||
| SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) | ||
| SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) | ||
| SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) | ||
| SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) | ||
| SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) | ||
| SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) | ||
| SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) | ||
| SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) |
Timeline
- Feb 11, 2025 CVE Published
- Feb 13, 2025 PoC Published
- Mar 28, 2025 PoC Published
- May 6, 2025 CVE Updated
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-769027.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-769027.html advisory
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-044-09.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://support.industry.siemens.com/cs/ww/en/view/109977720/ fix