Siemens Alert
3524Warning Date
Severity Level
Warning Number
Target Sector
17 July, 2022
● High
2022-5036
All
Siemens has released security alerts to address several vulnerabilities in the following products:
- SICAM GridEdge Essential ARM (6MD7881-2AA30)
- SICAM GridEdge Essential Intel (6MD7881-2AA40)
- SICAM GridEdge Essential with GDS ARM (6MD7881-2AA10)
- SICAM GridEdge Essential with GDS Intel (6MD7881-2AA20)
- Parasolid V33.1
- Parasolid V34.0
- Parasolid V34.1
- Simcenter Femap
- SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3)
- SCALANCE X200-4P IRT (6GK5200-4AH10-2BA3)
- SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3)
- SCALANCE X201-3P IRT (6GK5201-3BH10-2BA3)
- SCALANCE X201-3P IRT PRO (6GK5201-3BH00-2BD2)
- SCALANCE X201-3P IRT PRO (6GK5201-3JR10-2BA6)
- SCALANCE X202-2IRT (6GK5202-2BB00-2BA3)
- SCALANCE X202-2IRT (6GK5202-2BB10-2BA3)
- SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3)
- SCALANCE X202-2P IRT (6GK5202-2BH10-2BA3)
- SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6)
- SCALANCE X202-2P IRT PRO (6GK5202-2JR10-2BA6)
- SCALANCE X204-2 (6GK5204-2BB10-2AA3)
- SCALANCE X204-2FM (6GK5204-2BB11-2AA3)
- SCALANCE X204-2LD (6GK5204-2BC10-2AA3)
- SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2)
- SCALANCE X204-2TS (6GK5204-2BB10-2CA2)
- SCALANCE X204IRT (6GK5204-0BA00-2BA3)
- SCALANCE X204IRT (6GK5204-0BA10-2BA3)
- SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6)
- SCALANCE X204IRT PRO (6GK5204-0JA10-2BA6)
- SCALANCE X206-1 (6GK5206-1BB10-2AA3)
- SCALANCE X206-1LD (6GK5206-1BC10-2AA3)
- SCALANCE X208 (6GK5208-0BA10-2AA3)
- SCALANCE X208PRO (6GK5208-0HA10-2AA6)
- SCALANCE X212-2 (6GK5212-2BB00-2AA3)
- SCALANCE X212-2LD (6GK5212-2BC00-2AA3)
- SCALANCE X216 (6GK5216-0BA00-2AA3)
- SCALANCE X224 (6GK5224-0BA00-2AA3)
- SCALANCE XF201-3P IRT (6GK5201-3JR00-2BA6)
- SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2)
- SCALANCE XF204 (6GK5204-0BA00-2AF2)
- SCALANCE XF204-2 (6GK5204-2BC00-2AF2)
- SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2)
- SCALANCE XF204IRT (6GK5204-0BA00-2BF2)
- SCALANCE XF204IRT (6GK5204-0BA10-2BF2)
- SCALANCE XF206-1 (6GK5206-1BC00-2AF2)
- SCALANCE XF208 (6GK5208-0BA00-2AF2)
- SIMATIC MV540 H (6GF3540-0GE10)
- SIMATIC MV540 S (6GF3540-0CD10)
- SIMATIC MV550 H (6GF3550-0GE10)
- SIMATIC MV550 S (6GF3550-0CD10)
- SIMATIC MV560 U (6GF3560-0LE10)
- SIMATIC MV560 X (6GF3560-0HE10)
- JT2Go
- Teamcenter Visualization V12.4
- Teamcenter Visualization V13.2
- Teamcenter Visualization V13.3
- Teamcenter Visualization V14.0
- Mendix Applications using Mendix 7
- Mendix Applications using Mendix 8
- Mendix Applications using Mendix 9
- Mendix Applications using Mendix 9 (V9.6)
- Mendix Applications using Mendix 9 (V9.12)
- PADS Standard/Plus Viewer
- CP-8000 MASTER MODULE WITH I/O -25/+70°C (6MF2101-0AB10-0AA0)
- CP-8000 MASTER MODULE WITH I/O -40/+70°C (6MF2101-1AB10-0AA0)
- CP-8021 MASTER MODULE (6MF2802-1AA00)
- CP-8022 MASTER MODULE WITH GPRS (6MF2802-2AA00)
- SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0)
- SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)
- SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)
- SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)
- SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)
- SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)
- SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0)
- SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)
- SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)
- SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)
- SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)
- SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0)
- SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0)
- SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0)
- SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)
- SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8)
- RUGGEDCOM ROX MX5000
- RUGGEDCOM ROX MX5000RE
- RUGGEDCOM ROX RX1400
- RUGGEDCOM ROX RX1500
- RUGGEDCOM ROX RX1501
- RUGGEDCOM ROX RX1510
- RUGGEDCOM ROX RX1511
- RUGGEDCOM ROX RX1512
- RUGGEDCOM ROX RX1524
- RUGGEDCOM ROX RX1536
- RUGGEDCOM ROX RX5000
- Mendix Excel Importer Module (Mendix 8 compatible)
- Mendix Excel Importer Module (Mendix 9 compatible)
- RUGGEDCOM ROS i800
- RUGGEDCOM ROS i801
- RUGGEDCOM ROS i802
- RUGGEDCOM ROS i803
- RUGGEDCOM ROS M969
- RUGGEDCOM ROS M2100
- RUGGEDCOM ROS M2200
- RUGGEDCOM ROS RMC
- RUGGEDCOM ROS RMC20
- RUGGEDCOM ROS RMC30
- RUGGEDCOM ROS RMC40
- RUGGEDCOM ROS RMC41
- RUGGEDCOM ROS RMC8388
- RUGGEDCOM ROS RP110
- RUGGEDCOM ROS RS400
- RUGGEDCOM ROS RS401
- RUGGEDCOM ROS RS416
- RUGGEDCOM ROS RS416v2
- RUGGEDCOM ROS RS900 (32M)
- RUGGEDCOM ROS RS900G
- RUGGEDCOM ROS RS900G (32M)
- RUGGEDCOM ROS RS900GP
- RUGGEDCOM ROS RS900L
- RUGGEDCOM ROS RS900W
- RUGGEDCOM ROS RS910
- RUGGEDCOM ROS RS910L
- RUGGEDCOM ROS RS910W
- RUGGEDCOM ROS RS920L
- RUGGEDCOM ROS RS920W
- RUGGEDCOM ROS RS930L
- RUGGEDCOM ROS RS930W
- RUGGEDCOM ROS RS940G
- RUGGEDCOM ROS RS969
- RUGGEDCOM ROS RS8000
- RUGGEDCOM ROS RS8000A
- RUGGEDCOM ROS RS8000H
- RUGGEDCOM ROS RS8000T
- RUGGEDCOM ROS RSG907R
- RUGGEDCOM ROS RSG908C
- RUGGEDCOM ROS RSG909R
- RUGGEDCOM ROS RSG910C
- RUGGEDCOM ROS RSG920P
- RUGGEDCOM ROS RSG2100
- RUGGEDCOM ROS RSG2100 (32M)
- RUGGEDCOM ROS RSG2100P
- RUGGEDCOM ROS RSG2200
- RUGGEDCOM ROS RSG2288
- RUGGEDCOM ROS RSG2300
- RUGGEDCOM ROS RSG2300P
- RUGGEDCOM ROS RSG2488
- RUGGEDCOM ROS RSL910
- RUGGEDCOM ROS RST916C
- RUGGEDCOM ROS RST916P
- RUGGEDCOM ROS RST2228
- RUGGEDCOM ROS RST2228P
- EN100 Ethernet module DNP3 IP variant
- EN100 Ethernet module IEC 104 variant
- EN100 Ethernet module IEC 61850 variant
- EN100 Ethernet module Modbus TCP variant
- EN100 Ethernet module PROFINET IO variant
- SINAMICS PERFECT HARMONY GH180 Drives
- Opcenter Quality V13.1
- Opcenter Quality V13.2
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Authentication bypass
- Code injection
- Improper Access Control
- Unauthorized disclosure of information
The CERT team encourages users to review Amazon security advisory:
- https://cert-portal.siemens.com/productcert/txt/ssa-944952.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-910883.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-865333.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-840800.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-829738.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-610768.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-599506.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-580125.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-517377.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-492173.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-491621.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-474231.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-439148.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-433782.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-429204.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-348662.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-310038.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-244969.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-243317.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-225578.txt