As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 6.9
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: Siemens
• Equipment: SIMOCODE, SIMATIC, SIPLUS, SIDOOR, SIWAREX
• Vulnerability: Uncontrolled Resource Consumption

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow remote attackers to affect the availability of the devices under certain conditions.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Siemens reports that the following products are affected:

• SIMOCODE pro V PROFINET: All versions
• SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0): Versions prior to V4.4
• SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0): Versions prior to V4.4
• SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0): All versions
• SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-4XB0): Versions prior to V4.4
• SIDOOR ATD430W: All versions
• SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0): All versions
• SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0): All versions
• SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0): All versions
• SIPLUS HCS4300 CIM4310 (6BK1943-1AA00-0AA0): All versions
• SIMATIC ET 200SP IM 155-6 PN ST (6ES7155-6AU01-0BN0): All versions
• SIPLUS S7-1500 CPU 1516F-3 PN/DP (6AG1516-3FN00-2AB0): All versions
• SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0): All versions
• SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0): All versions
• SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0): All versions
• SIMATIC ET 200pro IM 154-4 PN HF (6ES7154-4AB10-0AB0): All versions
• SIPLUS ET 200M IM 153-4 PN IO HF (6AG1153-4BA00-7XB0): All versions
• SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0): Versions prior to V4.4
• SIPLUS ET 200SP IM 155-6 PN ST (6AG1155-6AU00-7BN0): All versions
• SIPLUS ET 200SP IM 155-6 PN ST (6AG1155-6AU01-7BN0): All versions
• SIMATIC CFU DIQ (6ES7655-5PX31-1XX0): Versions prior to V2.0.0
• SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0): All versions
• SIPLUS ET 200SP IM 155-6 PN ST BA (6AG1155-6AA00-7BN0): All versions
• SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0): All versions
• SIMATIC ET 200SP IM 155-6 PN HS (6ES7155-6AU00-0DN0): All versions
• SIPLUS ET 200S IM151-3 PN HF (6AG1151-3BA23-7AB0): All versions
• SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0): Versions prior to V4.4
• SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-5XB0): Versions prior to V4.4
• SIMATIC ET 200SP IM 155-6 PN ST BA (6ES7155-6AA00-0BN0): All versions
• SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0): All versions
• SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0): Versions prior to V4.4
• SIMATIC ET 200M IM 153-4 PN IO ST (6ES7153-4AA01-0XB0): All versions
• SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0): All versions
• SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0): Versions prior to V4.4
• SIMATIC ET 200MP IM 155-5 PN ST (6ES7155-5AA01-0AB0): All versions
• SIMATIC TDC CPU555: All versions
• SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0): Versions prior to V4.4
• SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0): All versions
• SIPLUS ET 200SP IM 155-6 PN ST TX RAIL (6AG2155-6AU01-4BN0): All versions
• SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0): Versions prior to V4.4
• SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0): All versions
• SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0): Versions prior to V4.4
• SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0): All versions
• SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0): Versions prior to V4.4
• SIPLUS S7-1500 CPU 1513-1 PN (6AG1513-1AL00-2AB0): All versions
• SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0): All versions
• SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0): Versions prior to V4.4
• SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0): All versions
• SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0): All versions
• SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0): Versions prior to V4.4
• SIWAREX WP251 (7MH4960-6AA01): All versions
• SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0): Versions prior to V4.4
• SIPLUS S7-1500 CPU 1513F-1 PN (6AG1513-1FL00-2AB0): All versions
• SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants): Versions priror to V1.3
• SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0): All versions
• SIMATIC TDC CP51M1: All versions
• SIPLUS ET 200MP IM 155-5 PN ST (6AG1155-5AA00-7AB0): All versions
• SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0): All versions
• SIPLUS ET 200MP IM 155-5 PN ST TX RAIL (6AG2155-5AA00-4AB0): All versions
• SIPLUS ET 200MP IM 155-5 PN ST TX RAIL (6AG2155-5AA01-4AB0): All versions
• SIPLUS ET 200SP IM 155-6 PN ST TX RAIL (6AG2155-6AU00-4BN0): All versions
• SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-2XB0): Versions prior to V4.4
• SIPLUS ET 200M IM 153-4 PN IO ST (6AG1153-4AA01-7XB0): All versions
• SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0): All versions
• SIPLUS S7-1500 CPU 1516-3 PN/DP (6AG1516-3AN00-7AB0): All versions
• SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0): Versions prior to V4.4
• SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0): All versions
• SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0): All versions
• SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0): All versions
• SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0): Versions prior to V4.4
• SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0): Versions prior to V4.4
• SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0): Versions prior to V4.4
• SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0): All versions
• SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL (6AG2155-6AA00-4BN0): All versions
• SIPLUS S7-1500 CPU 1511F-1 PN (6AG1511-1FK00-2AB0): All versions
• SIMATIC ET 200S IM 151-3 PN HS (6ES7151-3BA60-0AB0): All versions
• SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-2XB0): Versions prior to V4.4
• SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0): All versions
• SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0): All versions
• SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0): Versions prior to V4.4
• SIMATIC ET 200MP IM 155-5 PN BA (6ES7155-5AA00-0AA0): All versions
• SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0): All versions
• SIPLUS S7-1500 CPU 1511-1 PN (6AG1511-1AK00-2AB0): All versions
• SIMATIC ET 200M IM 153-4 PN IO HF (6ES7153-4BA00-0XB0): All versions
• SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0): Versions prior to V4.4
• SIMATIC CFU PA (6ES7655-5PX11-1XX0): Versions prior to V2.0
• SIMATIC ET 200S IM 151-3 PN HF (6ES7151-3BA23-0AB0): All versions
• SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants): Versions prior to V8.3
• SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0): Versions prior to V4.4
• SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0): Versions prior to V4.4
• SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-4XB0): Versions prior to V4.4
• SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0): All versions
• SIWAREX WP231 (7MH4960-2AA01): All versions
• SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0): Versions prior to V4.4
• SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0): All versions
• SIMATIC CFU PA (6ES7655-5PX11-0XX0): Versions prior to V2.0.0
• SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-2XB0): Versions prior to V4.4
• SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0): All versions
• SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU00-1CN0): All versions
• SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-5XB0): Versions prior to V4.4
• SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0): Versions prior to V4.4
• SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0): Versions prior to V4.4
• SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-4CN0): All versions
• SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0): Versions prior to V4.4
• SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants): All versions
• SINUMERIK 840D sl: All versions
• SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0): All versions
• SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL00-0AB0): All versions
• SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0): Versions prior to V4.4
• SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants): All versions
• SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0): Versions prior to V4.4
• SIMATIC ET 200S IM 151-3 PN FO (6ES7151-3BB23-0AB0): All versions
• SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0): All versions
• SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0): All versions
• SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-2CN0): All versions
• SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0): All versions
• SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-4XB0): Versions prior to V4.4
• SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0): Versions prior to V4.4
• SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0): All versions
• SIPLUS ET 200S IM151-3 PN ST (6AG1151-3AA23-2AB0): All versions
• SIMATIC ET 200SP IM 155-6 PN BA (6ES7155-6AR00-0AN0): All versions
• SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0): All versions
• SIPLUS ET 200SP IM 155-6 PN ST BA (6AG1155-6AA01-7BN0): All versions
• SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0): All versions
• SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0): Versions prior to V4.4
• SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0): All versions
• SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants): All versions
• SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0): Versions prior to V4.4
• SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants): All versions
• SIPLUS HCS4200 CIM4210C (6BK1942-1AA00-0AA1): All versions
• SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL (6AG2155-6AA01-4BN0): All versions
• SIMATIC ET 200SP IM 155-6 PN ST (6ES7155-6AU00-0BN0): All versions
• SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0): All versions
• SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0): Versions prior to V4.4
• SIDOOR ATE530G COATED (6FB1221-5SM10-7BP0): All versions
• SIMATIC ET 200SP IM 155-6 PN ST BA (6ES7155-6AA01-0BN0): All versions
• SIPLUS ET 200MP IM 155-5 PN ST (6AG1155-5AA01-7AB0): All versions
• SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0): Versions prior to V4.4
• SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0): Versions prior to V4.4
• SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0): All versions
• SIPLUS ET 200SP CPU 1512SP F-1 PN (6AG1512-1SK00-2AB0): All versions
• SIPLUS HCS4200 CIM4210 (6BK1942-1AA00-0AA0): All versions
• SIMATIC Power Line Booster PLB, Modem Module ST (6ES7972-5AA51-0AB0): All versions
• SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0): All versions
• SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0): All versions
• SIMATIC ET 200S IM 151-3 PN ST (6ES7151-3AA23-0AB0): All versions
• SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-4XB0): Versions prior to V4.4
• SIMATIC ET 200MP IM 155-5 PN ST (6ES7155-5AA00-0AB0): All versions
• SIPLUS S7-1500 CPU 1516-3 PN/DP (6AG1516-3AN00-2AB0): All versions
• SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0): Versions prior to V4.4
• SIWAREX WP241 (7MH4960-4AA01): All versions
• SIDOOR ATE530S COATED: All versions
• SIWAREX WP521 ST (7MH4980-1AA01): All versions
• SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0): All versions
• SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0): Versions prior to V4.4
• SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0): All versions
• SIMATIC Power Line Booster PLB, Base Module (6ES7972-5AA10-0AB0): All versions
• SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0): Versions prior to V4.4
• SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0): All versions
• SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-2XB0): Versions prior to V4.4
• SIMATIC ET 200pro IM 154-3 PN HF (6ES7154-3AB00-0AB0): All versions
• SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0): All versions
• SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0): All versions
• SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0): All versions
• SIWAREX WP522 ST (7MH4980-2AA01): All versions
• SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0): Versions prior to V4.4
• SIPLUS S7-1200 CPU 1214FC DC/DC/DC (6AG1214-1AF40-5XB0): Versions prior to V4.4

3.2 VULNERABILITY OVERVIEW

3.2.1 UNCONTROLLED RESOURCE CONSUMPTION CWE-400

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial-of-service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates.

CVE-2024-23814 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

A CVSS v4 score has also been calculated for CVE-2024-23814. A base score of 6.9 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N).

3.3 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Germany

3.4 RESEARCHER

Siemens reported this vulnerability to CISA.

4. MITIGATIONS

Siemens has identified the following specific workarounds and mitigations users can apply to reduce risk:

• Implement packet filtering rules at network perimeter devices (firewalls, routers, IDS/IPS) to block ICMP messages with large payloads if viable in your environment
• SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants): Disable the ethernet ports on the CPU and use a communication module (like CP) for communication instead
• SIDOOR ATD430W, SIDOOR ATE530G COATED (6FB1221-5SM10-7BP0), SIDOOR ATE530S COATED, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200M IM 153-4 PN IO HF (6ES7153-4BA00-0XB0), SIMATIC ET 200M IM 153-4 PN IO ST (6ES7153-4AA01-0XB0), SIMATIC ET 200MP IM 155-5 PN BA (6ES7155-5AA00-0AA0), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0), SIMATIC ET 200MP IM 155-5 PN ST (6ES7155-5AA00-0AB0), SIMATIC ET 200MP IM 155-5 PN ST (6ES7155-5AA01-0AB0), SIMATIC ET 200pro IM 154-3 PN HF (6ES7154-3AB00-0AB0), SIMATIC ET 200pro IM 154-4 PN HF (6ES7154-4AB10-0AB0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-3 PN FO (6ES7151-3BB23-0AB0), SIMATIC ET 200S IM 151-3 PN HF (6ES7151-3BA23-0AB0), SIMATIC ET 200S IM 151-3 PN HS (6ES7151-3BA60-0AB0), SIMATIC ET 200S IM 151-3 PN ST (6ES7151-3AA23-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0), SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0), SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0), SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0), SIMATIC ET 200SP IM 155-6 PN BA (6ES7155-6AR00-0AN0), SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0), SIMATIC ET 200SP IM 155-6 PN HS (6ES7155-6AU00-0DN0), SIMATIC ET 200SP IM 155-6 PN ST (6ES7155-6AU00-0BN0), SIMATIC ET 200SP IM 155-6 PN ST (6ES7155-6AU01-0BN0), SIMATIC ET 200SP IM 155-6 PN ST BA (6ES7155-6AA00-0BN0), SIMATIC ET 200SP IM 155-6 PN ST BA (6ES7155-6AA01-0BN0), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0), SIMATIC Power Line Booster PLB, Base Module (6ES7972-5AA10-0AB0), SIMATIC Power Line Booster PLB, Modem Module ST (6ES7972-5AA51-0AB0), SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0), SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0), SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0), SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL00-0AB0), SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0), SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0), SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0), SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0), SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SINUMERIK 840D sl, SIPLUS ET 200M IM 153-4 PN IO HF (6AG1153-4BA00-7XB0), SIPLUS ET 200M IM 153-4 PN IO ST (6AG1153-4AA01-7XB0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0), SIPLUS ET 200MP IM 155-5 PN ST (6AG1155-5AA00-7AB0), SIPLUS ET 200MP IM 155-5 PN ST (6AG1155-5AA01-7AB0), SIPLUS ET 200MP IM 155-5 PN ST TX RAIL (6AG2155-5AA00-4AB0), SIPLUS ET 200MP IM 155-5 PN ST TX RAIL (6AG2155-5AA01-4AB0), SIPLUS ET 200S IM151-3 PN HF (6AG1151-3BA23-7AB0), SIPLUS ET 200S IM151-3 PN ST (6AG1151-3AA23-2AB0), SIPLUS ET 200SP CPU 1512SP F-1 PN (6AG1512-1SK00-2AB0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-4CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU00-1CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0), SIPLUS ET 200SP IM 155-6 PN ST (6AG1155-6AU00-7BN0), SIPLUS ET 200SP IM 155-6 PN ST (6AG1155-6AU01-7BN0), SIPLUS ET 200SP IM 155-6 PN ST BA (6AG1155-6AA00-7BN0), SIPLUS ET 200SP IM 155-6 PN ST BA (6AG1155-6AA01-7BN0), SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL (6AG2155-6AA00-4BN0), SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL (6AG2155-6AA01-4BN0), SIPLUS ET 200SP IM 155-6 PN ST TX RAIL (6AG2155-6AU00-4BN0), SIPLUS ET 200SP IM 155-6 PN ST TX RAIL (6AG2155-6AU01-4BN0), SIPLUS HCS4200 CIM4210 (6BK1942-1AA00-0AA0), SIPLUS HCS4200 CIM4210C (6BK1942-1AA00-0AA1), SIPLUS HCS4300 CIM4310 (6BK1943-1AA00-0AA0), SIPLUS S7-1500 CPU 1511-1 PN (6AG1511-1AK00-2AB0), SIPLUS S7-1500 CPU 1511F-1 PN (6AG1511-1FK00-2AB0), SIPLUS S7-1500 CPU 1513-1 PN (6AG1513-1AL00-2AB0), SIPLUS S7-1500 CPU 1513F-1 PN (6AG1513-1FL00-2AB0), SIPLUS S7-1500 CPU 1516-3 PN/DP (6AG1516-3AN00-2AB0), SIPLUS S7-1500 CPU 1516-3 PN/DP (6AG1516-3AN00-7AB0), SIPLUS S7-1500 CPU 1516F-3 PN/DP (6AG1516-3FN00-2AB0), SIWAREX WP231 (7MH4960-2AA01), SIWAREX WP241 (7MH4960-4AA01), SIWAREX WP251 (7MH4960-6AA01), SIWAREX WP521 ST (7MH4980-1AA01), SIWAREX WP522 ST (7MH4980-2AA01): Currently no fix is planned
• SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants), SIMOCODE pro V PROFINET, SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0): Currently no fix is available
• SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants): Update to V1.3 or later version
• SIMATIC CFU PA (6ES7655-5PX11-1XX0): Update to V2.0.0 or later version
• SIMATIC CFU DIQ (6ES7655-5PX31-1XX0), SIMATIC CFU PA (6ES7655-5PX11-0XX0): Update to V2.0.0 or later version
• SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-2XB0), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-4XB0), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-2XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-4XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-2XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-4XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-5XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-4XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-5XB0), SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0), SIPLUS S7-1200 CPU 1214FC DC/DC/DC (6AG1214-1AF40-5XB0), SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-2XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0), SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0), SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0): Update to V4.4 or later version
• SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0), SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0), SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0), SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0), SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0), SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0), SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0), SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0), SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0), SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0), SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0), SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0), SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0), SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0), SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0), SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0), SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0): Update to V4.4 or later version
• SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants): Update to V8.3 or later version

As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals.

Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage

For more information see the associated Siemens security advisory SSA-725549 in HTML and CSAF.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

• Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
• Locate control system networks and remote devices behind firewalls and isolating them from business networks.
• When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

• Do not click web links or open attachments in unsolicited email messages.
• Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
• Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.

5. UPDATE HISTORY

• April 15, 2025: Initial Republication of Siemen's Advisory SSA-725549