{"vulnerability": "CVE-2025-40833", "sightings": [{"uuid": "fe1eaf33-e896-466c-a3d2-456db2da8119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40833", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-06", "content": "View CSAF\n\nSummary\n\nMultiple industrial devices contain a vulnerability that could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.\n\nThe following versions of Siemens Industrial Devices are affected:\n\n\n\nIE/PB LINK HA (6GK1411-5BB00) vers:all/* (CVE-2025-40833)\n\nIE/PB link PN IO (6GK1411-5AB10) vers:all/* (CVE-2025-40833)\n\nRUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nRUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M804PB (6GK5804-0AP00-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M874-2 (6GK5874-2AA00-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M874-3 (6GK5874-3AA00-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M876-3 (6GK5876-3AA02-2BA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M876-4 (6GK5876-4AA10-2BA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSCALANCE SC622-2C (6GK5622-2GS00-2AC2) vers:all/* (CVE-2025-40833)\n\nSCALANCE SC626-2C (6GK5626-2GS00-2AC2) vers:all/* (CVE-2025-40833)\n\nSCALANCE SC632-2C (6GK5632-2GS00-2AC2) vers:all/* (CVE-2025-40833)\n\nSCALANCE SC636-2C (6GK5636-2GS00-2AC2) vers:all/* (CVE-2025-40833)\n\nSCALANCE SC642-2C (6GK5642-2GS00-2AC2) vers:all/* (CVE-2025-40833)\n\nSCALANCE SC646-2C (6GK5646-2GS00-2AC2) vers:all/* (CVE-2025-40833)\n\nSCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) vers:all/* (CVE-2025-40833)\n\nSCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) vers:all/* (CVE-2025-40833)\n\nSCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) vers:all/* (CVE-2025-40833)\n\nSCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) vers:all/* (CVE-2025-40833)\n\nSCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) vers:all/* (CVE-2025-40833)\n\nSCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) vers:all/* (CVE-2025-40833)\n\nSCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) vers:intdot/&lt;6.6.0 (CVE-2025-40833)\n\nSCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM763-1 (6GK5763-1AL00-7DA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM766-1 (6GK5766-1GE00-7DA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUM763-1 (6GK5763-1AL00-3AA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUM763-1 (6GK5763-1AL00-3DA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUM766-1 (6GK5766-1GE00-3DA0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) vers:intdot/&lt;3.2.0 (CVE-2025-40833)\n\nSCALANCE X204-2 (6GK5204-2BB10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X204-2FM (6GK5204-2BB11-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X204-2LD (6GK5204-2BC10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X204-2LD TS (6GK5204-2BC10-2CA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE X204-2TS (6GK5204-2BB10-2CA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE X206-1 (6GK5206-1BB10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X206-1LD (6GK5206-1BC10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X208 (6GK5208-0BA10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X208PRO (6GK5208-0HA10-2AA6) vers:all/* (CVE-2025-40833)\n\nSCALANCE X212-2 (6GK5212-2BB00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X212-2LD (6GK5212-2BC00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X216 (6GK5216-0BA00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X224 (6GK5224-0BA00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X304-2FE (6GK5304-2BD00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X306-1LD FE (6GK5306-1BF00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-3 (6GK5307-3BL00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-3 (6GK5307-3BL10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-3LD (6GK5307-3BM00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X307-3LD (6GK5307-3BM10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2 (6GK5308-2FL00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2 RD (inkl. SIPLUS variants) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2LD (6GK5308-2FM00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2LD (6GK5308-2FM10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2LH (6GK5308-2FN00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2LH (6GK5308-2FN10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2LH+ (6GK5308-2FP00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2LH+ (6GK5308-2FP10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2M (6GK5308-2GG00-2AA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2M (6GK5308-2GG10-2AA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2M PoE (6GK5308-2QG00-2AA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2M PoE (6GK5308-2QG10-2AA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2M TS (6GK5308-2GG00-2CA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE X308-2M TS (6GK5308-2GG10-2CA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE X310 (6GK5310-0FA00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X310 (6GK5310-0FA10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X310FE (6GK5310-0BA00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X310FE (6GK5310-0BA10-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X320-1 FE (6GK5320-1BD00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3) vers:all/* (CVE-2025-40833)\n\nSCALANCE X408-2 (6GK5408-2FD00-2AA2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XF204 (6GK5204-0BA00-2AF2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XF204-2 (6GK5204-2BC00-2AF2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XF206-1 (6GK5206-1BC00-2AF2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XF208 (6GK5208-0BA00-2AF2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XM408-4C (6GK5408-4GP00-2AM2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XM408-8C (6GK5408-8GS00-2AM2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XM416-4C (6GK5416-4GS00-2AM2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR528-6M (6GK5528-0AA00-2AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR552-12M (6GK5552-0AA00-2AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2) vers:all/* (CVE-2025-40833)\n\nSCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2) vers:all/* (CVE-2025-40833)\n\nSIMATIC CFU DIQ (6ES7655-5PX31-1XX0) vers:intdot/&lt;2.0.0 (CVE-2025-40833)\n\nSIMATIC CFU PA (6ES7655-5PX11-0XX0) vers:intdot/&lt;2.0.0 (CVE-2025-40833)\n\nSIMATIC CFU PA (6ES7655-5PX11-1XX0) vers:intdot/&lt;2.0.0 (CVE-2025-40833)\n\nSIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC ET 200SP HA IM155-6 PN vers:intdot/&lt;1.3 (CVE-2025-40833)\n\nSIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) vers:all/* (CVE-2025-40833)\n\nSIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) vers:intdot/&lt;10.2 (CVE-2025-40833)\n\nSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) vers:intdot/&lt;8.3 (CVE-2025-40833)\n\nSIMIT UNIT V10 vers:all/* (CVE-2025-40833)\n\nSIMIT UNIT V11 vers:all/* (CVE-2025-40833)\n\nSINAMICS CBE20 vers:all/* (CVE-2025-40833)\n\nSINAMICS G115D vers:all/* (CVE-2025-40833)\n\nSINAMICS G120 (incl. SIPLUS variants) vers:all/* (CVE-2025-40833)\n\nSINAMICS G120C vers:all/* (CVE-2025-40833)\n\nSINAMICS G120D vers:all/* (CVE-2025-40833)\n\nSINAMICS G120X vers:all/* (CVE-2025-40833)\n\nSINAMICS G120XA vers:all/* (CVE-2025-40833)\n\nSINAMICS G130 vers:all/* (CVE-2025-40833)\n\nSINAMICS G150 vers:all/* (CVE-2025-40833)\n\nSINAMICS S110 vers:all/* (CVE-2025-40833)\n\nSINAMICS S120 (incl. SIPLUS variants) vers:all/* (CVE-2025-40833)\n\nSINAMICS S150 vers:all/* (CVE-2025-40833)\n\nSINUMERIK 840D sl vers:all/* (CVE-2025-40833)\n\nSIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0) vers:all/* (CVE-2025-40833)\n\nSIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0) vers:all/* (CVE-2025-40833)\n\nSIPLUS NET IE/PB link PN IO (6AG1411-5AB10-2AA0) vers:all/* (CVE-2025-40833)\n\nSIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0) vers:all/* (CVE-2025-40833)\n\nSIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0) vers:all/* (CVE-2025-40833)\n\nSIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0) vers:all/* (CVE-2025-40833)\n\nSIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0) vers:all/* (CVE-2025-40833)\n\nSIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0) vers:all/* (CVE-2025-40833)\n\nSIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) vers:all/* (CVE-2025-40833)\n\nSIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) vers:all/* (CVE-2025-40833)\n\nSITOP PSU8600 1AC 20 A/4x5 A PN (6EP3336-8MB00-2CY0) vers:all/* (CVE-2025-40833)\n\nSITOP PSU8600 3AC 20 A PN (6EP3436-8SB00-2AY0) vers:all/* (CVE-2025-40833)\n\nSITOP PSU8600 3AC 20 A/4x5 A PN (6EP3436-8MB00-2CY0) vers:all/* (CVE-2025-40833)\n\nSITOP PSU8600 3AC 40 A PN (6EP3437-8SB00-2AY0) vers:all/* (CVE-2025-40833)\n\nSITOP PSU8600 3AC 40 A/4x10 A PN (6EP3437-8MB00-2CY0) vers:all/* (CVE-2025-40833)\n\nSITOP PSU8600 3AC 40 A/4x10A EIP (6EP3437-8MB10-2CY0) vers:all/* (CVE-2025-40833)\n\nSITOP UPS1600 10 A Ethernet/ PROFINET (6EP4134-3AB00-2AY0) vers:all/* (CVE-2025-40833)\n\nSITOP UPS1600 20 A Ethernet/ PROFINET (6EP4136-3AB00-2AY0) vers:all/* (CVE-2025-40833)\n\nSITOP UPS1600 40 A Ethernet/ PROFINET (6EP4137-3AB00-2AY0) vers:all/* (CVE-2025-40833)\n\nSITOP UPS1600 EX 20 A Ethernet PROFINET (6EP4136-3AC00-2AY0) vers:all/* (CVE-2025-40833)\n\n&lt;div class=\"csaf-table\"&gt;\n\n\n\n\nCVSS\nVendor\nEquipment\nVulnerabilities\n\n\n\n\nv3 7.5\nSiemens\nSiemens Industrial Devices\nNULL Pointer Dereference\n\n\n\n&lt;/div&gt;\n\nBackground\n\n\n\nCritical Infrastructure Sectors: Critical Manufacturing\n\nCountries/Areas Deployed: Worldwide\n\nCompany Headquarters Location: Germany\n\n\n\n\nVulnerabilities\n&lt;div class=\"csaf-accordion\"&gt;\n\nExpand All +\n&lt;div class=\"csaf-accordion-item\"&gt;\n\nCVE-2025-40833\n&lt;div class=\"csaf-accordion-content\"&gt;\n\nThe affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system.\n\nView CVE Details\n\n\n\nAffected Products\n\nSiemens Industrial Devices\n&lt;div class=\"ics-vendor-version-status\"&gt;\n&lt;div class=\"ics-vendor\"&gt;Vendor:Siemens&lt;/div&gt;\n&lt;div class=\"ics-version\"&gt;Product Version:IE/PB LINK HA (6GK1411-5BB00), IE/PB link PN IO (6GK1411-5AB10), RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2), SCALANCE M804PB (6GK5804-0AP00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2), SCALANCE M874-2 (6GK5874-2AA00-2AA2), SCALANCE M874-3 (6GK5874-3AA00-2AA2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2), SCALANCE M876-3 (6GK5876-3AA02-2BA2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2), SCALANCE M876-4 (6GK5876-4AA10-2BA2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2), SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1), SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2), SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0), SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0), SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0), SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0), SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0), SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6), SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0), SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0), SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0), SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0), SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6), SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0), SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0), SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0), SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0), SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0), SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0), SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0), SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0), SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0), SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0), SCALANCE X204-2 (6GK5204-2BB10-2AA3), SCALANCE X204-2FM (6GK5204-2BB11-2AA3), SCALANCE X204-2LD (6GK5204-2BC10-2AA3), SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2), SCALANCE X204-2TS (6GK5204-2BB10-2CA2), SCALANCE X206-1 (6GK5206-1BB10-2AA3), SCALANCE X206-1LD (6GK5206-1BC10-2AA3), SCALANCE X208 (6GK5208-0BA10-2AA3), SCALANCE X208PRO (6GK5208-0HA10-2AA6), SCALANCE X212-2 (6GK5212-2BB00-2AA3), SCALANCE X212-2LD (6GK5212-2BC00-2AA3), SCALANCE X216 (6GK5216-0BA00-2AA3), SCALANCE X224 (6GK5224-0BA00-2AA3), SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3), SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3), SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3), SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3), SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3), SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3), SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3), SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3), SCALANCE X304-2FE (6GK5304-2BD00-2AA3), SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3), SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3), SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3), SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3), SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3), SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3), SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3), SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3), SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3), SCALANCE X307-3 (6GK5307-3BL00-2AA3), SCALANCE X307-3 (6GK5307-3BL10-2AA3), SCALANCE X307-3LD (6GK5307-3BM00-2AA3), SCALANCE X307-3LD (6GK5307-3BM10-2AA3), SCALANCE X308-2 (6GK5308-2FL00-2AA3), SCALANCE X308-2 RD (inkl. SIPLUS variants), SCALANCE X308-2LD (6GK5308-2FM00-2AA3), SCALANCE X308-2LD (6GK5308-2FM10-2AA3), SCALANCE X308-2LH (6GK5308-2FN00-2AA3), SCALANCE X308-2LH (6GK5308-2FN10-2AA3), SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3), SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3), SCALANCE X308-2M (6GK5308-2GG00-2AA2), SCALANCE X308-2M (6GK5308-2GG10-2AA2), SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2), SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2), SCALANCE X308-2M TS (6GK5308-2GG00-2CA2), SCALANCE X308-2M TS (6GK5308-2GG10-2CA2), SCALANCE X310 (6GK5310-0FA00-2AA3), SCALANCE X310 (6GK5310-0FA10-2AA3), SCALANCE X310FE (6GK5310-0BA00-2AA3), SCALANCE X310FE (6GK5310-0BA10-2AA3), SCALANCE X320-1 FE (6GK5320-1BD00-2AA3), SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3), SCALANCE X408-2 (6GK5408-2FD00-2AA2), SCALANCE XF204 (6GK5204-0BA00-2AF2), SCALANCE XF204-2 (6GK5204-2BC00-2AF2), SCALANCE XF206-1 (6GK5206-1BC00-2AF2), SCALANCE XF208 (6GK5208-0BA00-2AF2), SCALANCE XM408-4C (6GK5408-4GP00-2AM2), SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2), SCALANCE XM408-8C (6GK5408-8GS00-2AM2), SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2), SCALANCE XM416-4C (6GK5416-4GS00-2AM2), SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2), SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2), SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2), SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2), SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2), SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2), SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2), SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2), SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2), SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2), SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2), SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2), SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2), SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2), SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2), SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2), SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2), SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2), SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2), SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2), SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2), SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2), SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2), SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2), SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2), SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2), SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2), SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2), SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2), SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2), SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2), SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2), SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2), SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2), SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2), SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2), SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2), SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2), SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2), SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2), SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2), SCALANCE XR528-6M (6GK5528-0AA00-2AR2), SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2), SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2), SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2), SCALANCE XR552-12M (6GK5552-0AA00-2AR2), SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2), SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2), SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2), SIMATIC CFU DIQ (6ES7655-5PX31-1XX0), SIMATIC CFU PA (6ES7655-5PX11-0XX0), SIMATIC CFU PA (6ES7655-5PX11-1XX0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0), SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0), SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0), SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0), SIMATIC ET 200SP HA IM155-6 PN, SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0), SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0), SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0), SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0), SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0), SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0), SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0), SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0), SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0), SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMIT UNIT V10, SIMIT UNIT V11, SINAMICS CBE20, SINAMICS G115D, SINAMICS G120 (incl. SIPLUS variants), SINAMICS G120C, SINAMICS G120D, SINAMICS G120X, SINAMICS G120XA, SINAMICS G130, SINAMICS G150, SINAMICS S110, SINAMICS S120 (incl. SIPLUS variants), SINAMICS S150, SINUMERIK 840D sl, SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS NET IE/PB link PN IO (6AG1411-5AB10-2AA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0), SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0), SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0), SITOP PSU8600 1AC 20 A/4x5 A PN (6EP3336-8MB00-2CY0), SITOP PSU8600 3AC 20 A PN (6EP3436-8SB00-2AY0), SITOP PSU8600 3AC 20 A/4x5 A PN (6EP3436-8MB00-2CY0), SITOP PSU8600 3AC 40 A PN (6EP3437-8SB00-2AY0), SITOP PSU8600 3AC 40 A/4x10 A PN (6EP3437-8MB00-2CY0), SITOP PSU8600 3AC 40 A/4x10A EIP (6EP3437-8MB10-2CY0), SITOP UPS1600 10 A Ethernet/ PROFINET (6EP4134-3AB00-2AY0), SITOP UPS1600 20 A Ethernet/ PROFINET (6EP4136-3AB00-2AY0), SITOP UPS1600 40 A Ethernet/ PROFINET (6EP4137-3AB00-2AY0), SITOP UPS1600 EX 20 A Ethernet PROFINET (6EP4136-3AC00-2AY0)&lt;/div&gt;\n&lt;div class=\"ics-status\"&gt;Product Status:known_affected&lt;/div&gt;\n&lt;/div&gt;\n&lt;div class=\"ics-remediations\"&gt;\n\nRemediations\n\nMitigationAs a mitigation, disable the ethernet ports on the CPU and use a communication module (like CP) for communication instead\n\nMitigationRestrict access to the affected systems to trusted IP addresses only\n\nNo fix plannedCurrently no fix is planned\n\nNone availableCurrently no fix is available\n\nVendor fixUpdate to V10.2 or later versionhttps://support.industry.siemens.com/cs/ww/en/view/109773044/\n\nVendor fixUpdate to V2.0.0 or later versionhttps://support.industry.siemens.com/cs/ww/en/view/109781049/\n\nVendor fixUpdate to V2.0.0 or later versionhttps://support.industry.siemens.com/cs/ww/en/view/109754628/\n\nVendor fixUpdate to V3.2.0 or later versionhttps://support.industry.siemens.com/cs/ww/en/view/109992747/\n\nVendor fixUpdate to V6.6.0 or later versionhttps://support.industry.siemens.com/cs/ww/en/view/109996102/\n\nVendor fixUpdate to V8.3 or later versionhttps://support.industry.siemens.com/cs/ww/en/view/109476571/\n\nVendor fixUpdate to V8.3 or later versionhttps://support.industry.siemens.com/cs/ww/en/view/109989310/\n\nVendor fixUpdate to V1.3 or later version\n\nVendor fixhttps://support.industry.siemens.com/cs/ww/en/view/1029552/\n&lt;/div&gt;\n\nRelevant CWE: CWE-476 NULL Pointer Dereference\n\n\n\nMetrics\n&lt;div class=\"csaf-table csaf-metrics-table\"&gt;\n\n\n\n\nCVSS Version\nBase Score\nBase Severity\nVector String\n\n\n\n\n3.1\n7.5\nHIGH\nCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\n\n\n&lt;/div&gt;\n&lt;/div&gt;\n&lt;/div&gt;\n&lt;/div&gt;\n\n\n\nAcknowledgments\n\n\n\nSiemens ProductCERT reported this vulnerability to CISA.\n\n\n\n\nGeneral Recommendations\n\nAs a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity\n\n\n\nAdditional Resources\n\nFor further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories\n\n\n\nTerms of Use\n\nThe use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.\n\n\n\nLegal Notice and Terms of Use\n\nThis product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy &amp; Use policy (https://www.cisa.gov/privacy-policy).\n\n\n\nRecommended Practices\n\nCISA recommends users take defensive measures to minimize the exploitation risk of these vulnerabilities.\n\nMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.\n\nLocate control system networks and remote devices behind firewalls and isolate them from business networks.\n\nWhen remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.\n\nCISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\n\nOrganizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.\n\n\n\nAdvisory Conversion Disclaimer\n\nThis ICSA is a verbatim republication of Siemens ProductCERT SSA-392349 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.\n\nRevision History\n\n\n\nInitial Release Date: 2026-05-12\n\n\n\n\n\nDate\nRevision\nSummary\n\n\n\n\n2026-05-12\n1\nPublication Date\n\n\n2026-05-14\n2\nInitial CISA Republication of Siemens ProductCERT SSA-392349 advisory\n\n\n\n\n\n\nLegal Notice and Terms of Use", "creation_timestamp": "2026-05-14T10:00:00.000000Z"}]}