===========================================================================
ZMCIRT Vulnerability Bulletin
ZMC-2022.23.08.1000
Siemens OpenSSL Affected Industrial Products (Update B): CVSS (Max): 7.5
23rd August 2022
============================================================================
Product: Siemens OpenSSL Affected Industrial Products (Update B)
Publisher: ICS-CERT
Operating System: Network Appliance
Resolution: Patch/Upgrade
CVE Names: CVE-2022-0778
Original Bulletin:
https://us-cert.cisa.gov/ics/advisories/icsa-22-167-14
Comment: CVSS (Max): 7.5 CVE-2022-0778 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: ICS-CERT
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
ICS Advisory (ICSA-22-167-14)
Siemens OpenSSL Affected Industrial Products (Update B)
Original release date: August 18, 2022
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided
"as is" for informational purposes only. The Department of Homeland Security
(DHS) does not provide any warranties of any kind regarding any information
contained within. DHS does not endorse any commercial product or service,
referenced in this product or otherwise. Further dissemination of this product
is governed by the Traffic Light Protocol (TLP) marking in the header. For more
information about TLP, see https://us-cert.cisa.gov/tlp/ .
1. EXECUTIVE SUMMARY
o CVSS v3 7.5
o ATTENTION: Exploitable remotely/low attack complexity
o Vendor: Siemens
o Equipment: Multiple industrial products
o Vulnerability: Infinite Loop
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled
ICSA-22-167-14 Siemens OpenSSL Affected Industrial Products (Update A) that was
published July 14, 2022, on the ICS webpage on cisa.gov/ics.
3. RISK EVALUATION
Successful exploitation of this vulnerability could create a denial-of-service
condition in the affected products.
4. TECHNICAL DETAILS
4.1 AFFECTED PRODUCTS
The following Siemens industrial products are affected:
- --------- Begin Update B Part 1 of 9 ---------
o Industrial Edge - OPC UA Connector: All versions prior to v1.7
- --------- End Update B Part 1 of 9 ---------
o Industrial Edge - SIMATIC S7 Connector App: All versions prior to v1.7.0
o RUGGEDCOM CROSSBOW Station Access Controller: All versions only running on
ROX
o RUGGEDCOM RM1224 LTE(4G) EU: All versions
o RUGGEDCOM RM1224 LTE(4G) NAM: All versions
- --------- Begin Update B Part 2 of 9 ---------
o RUGGEDCOM ROX MX5000: All versions prior to v2.15.1
o RUGGEDCOM ROX MX5000RE: All versions prior to v2.15.1
o RUGGEDCOM ROX RX1400: All versions prior to v2.15.1
o RUGGEDCOM ROX RX1500: All versions prior to v2.15.1
o RUGGEDCOM ROX RX1501: All versions prior to v2.15.1
o RUGGEDCOM ROX RX1510: All versions prior to v2.15.1
o RUGGEDCOM ROX RX1511: All versions prior to v2.15.1
o RUGGEDCOM ROX RX1512: All versions prior to v2.15.1
o RUGGEDCOM ROX RX1524: All versions prior to v2.15.1
o RUGGEDCOM ROX RX1536: All versions prior to v2.15.1
o RUGGEDCOM ROX RX5000: All versions prior to v2.15.1
- --------- End Update B Part 2 of 9 ---------
o SCALANCE LPE9403 (6GK5998-3GS00-2AC2): All versions prior to v2.0
o SCALANCE M804PB (6GK5804-0AP00-2AA2): All versions
o SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2): All versions
o SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2): All versions
o SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2): All versions
o SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2): All versions
o SCALANCE M826-2 SHDSL-Router (6GK5826- 2AB00-2AB2): All versions
o SCALANCE M874-2 (6GK5874-2AA00-2AA2): All versions
o SCALANCE M874-3 (6GK5874-3AA00-2AA2): All versions
o SCALANCE M876-3 (EVDO) (6GK5876-3AA02- 2BA2): All versions
o SCALANCE M876-3 (ROK) (6GK5876-3AA02- 2EA2): All versions
o SCALANCE M876-4 (EU) (6GK5876-4AA00- 2BA2): All versions
o SCALANCE M876-4 (NAM) (6GK5876-4AA00- 2DA2): All versions
o SCALANCE MUM853-1 (EU) (6GK5853-2EA00- 2DA1): All versions
o SCALANCE MUM853-1 (RoW) (6GK5853- 2EA00-2AA1): All versions
o SCALANCE MUM856-1 (EU) (6GK5856-2EA00- 3DA1): All versions
o SCALANCE MUM856-1 (NAM) (6GK5856- 2EA00-3BA1): All versions
o SCALANCE MUM856-1 (RoW) (6GK5856- 2EA00-3AA1): All versions
o SCALANCE S615 (6GK5615-0AA00-2AA2): All versions
o SCALANCE SC622-2C (6GK5622-2GS00- 2AC2): All versions prior to v2.3.1
o SCALANCE SC632-2C (6GK5632-2GS00- 2AC2): All versions prior to v2.3.1
o SCALANCE SC636-2C (6GK5636-2GS00- 2AC2): All versions prior to v2.3.1
o SCALANCE SC642-2C (6GK5642-2GS00- 2AC2): All versions prior to v2.3.1
o SCALANCE SC646-2C (6GK5646-2GS00- 2AC2): All versions prior to v2.3.1
- --------- Begin Update B Part 3 of 9 ---------
o SCALANCE W1750D (JP) (6GK5750-2HX01- 1AD0): All versions
o SCALANCE W1750D (ROW) (6GK5750-2HX01- 1AA0): All versions
o SCALANCE W1750D (USA) (6GK5750-2HX01- 1AB0): All versions
- --------- End Update B Part 3 of 9 ---------
o SCALANCE X200-4P IRT (6GK5200-4AH00- 2BA3): All versions
o SCALANCE X200-4P IRT (6GK5200-4AH10- 2BA3): All versions
o SCALANCE X201-3P IRT (6GK5201-3BH00- 2BA3): All versions
o SCALANCE X201-3P IRT (6GK5201-3BH10- 2BA3): All versions
o SCALANCE X201-3P IRT PRO (6GK5201- 3BH00-2BD2): All versions
o SCALANCE X201-3P IRT PRO (6GK5201-3JR10- 2BA6): All versions
o SCALANCE X202-2IRT (6GK5202-2BB00- 2BA3): All versions
o SCALANCE X202-2IRT (6GK5202-2BB10- 2BA3): All versions
o SCALANCE X202-2P IRT (6GK5202-2BH00- 2BA3): All versions
o SCALANCE X202-2P IRT (6GK5202-2BH10- 2BA3): All versions
o SCALANCE X202-2P IRT PRO (6GK5202-2JR00- 2BA6): All versions
o SCALANCE X202-2P IRT PRO (6GK5202-2JR10- 2BA6): All versions
o SCALANCE X204-2 (6GK5204-2BB10-2AA3): All versions
o SCALANCE X204-2FM (6GK5204-2BB11- 2AA3): All versions
o SCALANCE X204-2LD (6GK5204-2BC10- 2AA3): All versions
o SCALANCE X204-2LD TS (6GK5204-2BC10- 2CA2): All versions
o SCALANCE X204-2TS (6GK5204-2BB10- 2CA2): All versions
o SCALANCE X204IRT (6GK5204-0BA00-2BA3): All versions
o SCALANCE X204IRT (6GK5204-0BA10-2BA3): All versions
o SCALANCE X204IRT PRO (6GK5204-0JA00- 2BA6): All versions
o SCALANCE X204IRT PRO (6GK5204-0JA10- 2BA6): All versions
o SCALANCE X206-1 (6GK5206-1BB10-2AA3): All versions
o SCALANCE X206-1LD (6GK5206-1BC10- 2AA3): All versions
o SCALANCE X208 (6GK5208-0BA10-2AA3): All versions
o SCALANCE X208PRO (6GK5208-0HA10- 2AA6): All versions
o SCALANCE X212-2 (6GK5212-2BB00-2AA3): All versions
o SCALANCE X212-2LD (6GK5212-2BC00- 2AA3): All versions
o SCALANCE X216 (6GK5216-0BA00-2AA3): All versions
o SCALANCE X224 (6GK5224-0BA00-2AA3): All versions
o SCALANCE X302-7 EEC (2x 24V) (6GK5302- 7GD00-2EA3): All versions
o SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3): All versions
o SCALANCE X302-7 EEC (2x 230V) (6GK5302- 7GD00-4EA3): All versions
o SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3): All versions
o SCALANCE X302-7 EEC (24V) (6GK5302- 7GD00-1EA3): All versions
o SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3): All versions
o SCALANCE X302-7 EEC (230V) (6GK5302- 7GD00-3EA3): All versions
o SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3): All versions
o SCALANCE X304-2FE (6GK5304-2BD00- 2AA3): All versions
o SCALANCE X306-1LD FE (6GK5306-1BF00- 2AA3): All versions
o SCALANCE X307-2 EEC (2x 24V) (6GK5307- 2FD00-2EA3): All versions
o SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3): All versions
o SCALANCE X307-2 EEC (2x 230V) (6GK5307- 2FD00-4EA3): All versions
o SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3): All versions
o SCALANCE X307-2 EEC (24V) (6GK5307- 2FD00-1EA3): All versions
o SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3): All versions
o SCALANCE X307-2 EEC (230V) (6GK5307- 2FD00-3EA3): All versions
o SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3): All versions
o SCALANCE X307-3 (6GK5307-3BL00-2AA3): All versions
o SCALANCE X307-3 (6GK5307-3BL10-2AA3): All versions
o SCALANCE X307-3LD (6GK5307-3BM00- 2AA3): All versions
o SCALANCE X307-3LD (6GK5307-3BM10- 2AA3): All versions
o SCALANCE X308-2 (6GK5308-2FL00-2AA3): All versions
o SCALANCE X308-2 (6GK5308-2FL10-2AA3): All versions
o SCALANCE X308-2LD (6GK5308-2FM00- 2AA3): All versions
o SCALANCE X308-2LD (6GK5308-2FM10- 2AA3): All versions
o SCALANCE X308-2LH (6GK5308-2FN00- 2AA3): All versions
o SCALANCE X308-2LH (6GK5308-2FN10- 2AA3): All versions
o SCALANCE X308-2LH+ (6GK5308-2FP00- 2AA3): All versions
o SCALANCE X308-2LH+ (6GK5308-2FP10- 2AA3): All versions
o SCALANCE X308-2M (6GK5308-2GG00-2AA2): All versions
o SCALANCE X308-2M (6GK5308-2GG10-2AA2): All versions
o SCALANCE X308-2M PoE (6GK5308-2QG00- 2AA2): All versions
o SCALANCE X308-2M PoE (6GK5308-2QG10- 2AA2): All versions
o SCALANCE X308-2M TS (6GK5308-2GG00- 2CA2): All versions
o SCALANCE X308-2M TS (6GK5308-2GG10- 2CA2): All versions
o SCALANCE X310 (6GK5310-0FA00-2AA3): All versions
o SCALANCE X310 (6GK5310-0FA10-2AA3): All versions
o SCALANCE X310FE (6GK5310-0BA00-2AA3): All versions
o SCALANCE X310FE (6GK5310-0BA10-2AA3): All versions
o SCALANCE X320-1 FE (6GK5320-1BD00- 2AA3): All versions
o SCALANCE X320-1-2LD FE (6GK5320-3BF00- 2AA3): All versions
o SCALANCE X408-2 (6GK5408-2FD00-2AA2): All versions
o SCALANCE XB205-3 (SC) (6GK5205-3BD00- 2AB2): All versions
o SCALANCE XB205-3 (SC) (6GK5205-3BD00- 2TB2): All versions
o SCALANCE XB205-3 (ST/BFOC) (6GK5205- 3BB00-2AB2): All versions
o SCALANCE XB205-3 (ST/BFOC) (6GK5205- 3BB00-2TB2): All versions
o SCALANCE XB205-3LD (6GK5205-3BF00- 2AB2): All versions
o SCALANCE XB205-3LD (6GK5205-3BF00- 2TB2): All versions
o SCALANCE XB208 (6GK5208-0BA00-2AB2): All versions
o SCALANCE XB208 (6GK5208-0BA00-2TB2): All versions
o SCALANCE XB213-3 (SC) (6GK5213-3BD00- 2AB2): All versions
o SCALANCE XB213-3 (SC) (6GK5213-3BD00- 2TB2): All versions
o SCALANCE XB213-3 (ST/BFOC) (6GK5213- 3BB00-2AB2): All versions
o SCALANCE XB213-3 (ST/BFOC) (6GK5213- 3BB00-2TB2): All versions
o SCALANCE XB213-3LD (6GK5213-3BF00- 2AB2): All versions
o SCALANCE XB213-3LD (6GK5213-3BF00- 2TB2): All versions
o SCALANCE XB216 (6GK5216-0BA00-2AB2): All versions
o SCALANCE XB216 (6GK5216-0BA00-2TB2): All versions
o SCALANCE XC206-2 (SC) (6GK5206-2BD00- 2AC2): All versions
o SCALANCE XC206-2 (ST/BFOC) (6GK5206- 2BB00-2AC2): All versions
o SCALANCE XC206-2SFP (6GK5206-2BS00- 2AC2): All versions
o SCALANCE XC206-2SFP EEC (6GK5206- 2BS00-2FC2): All versions
o SCALANCE XC206-2SFP G (6GK5206-2GS00- 2AC2): All versions
o SCALANCE XC206-2SFP G (6GK5206-2GS00- 2TC2): All versions
o SCALANCE XC206-2SFP G EEC (6GK5206- 2GS00-2FC2): All versions
o SCALANCE XC208 (6GK5208-0BA00-2AC2): All versions
o SCALANCE XC208EEC (6GK5208-0BA00- 2FC2): All versions
o SCALANCE XC208G (6GK5208-0GA00-2AC2): All versions
o SCALANCE XC208G (6GK5208-0GA00-2TC2): All versions
o SCALANCE XC208G EEC (6GK5208-0GA00- 2FC2): All versions
o SCALANCE XC216 (6GK5216-0BA00-2AC2): All versions
o SCALANCE XC216-4C (6GK5216-4BS00- 2AC2): All versions
o SCALANCE XC216-4C G (6GK5216-4GS00- 2AC2): All versions
o SCALANCE XC216-4C G (EIP Def.) (6GK5216- 4GS00-2TC2): All versions
o SCALANCE XC216-4C G EEC (6GK5216- 4GS00-2FC2): All versions
o SCALANCE XC216EEC (6GK5216-0BA00- 2FC2): All versions
o SCALANCE XC224 (6GK5224-0BA00-2AC2): All versions
o SCALANCE XC224-4C G (6GK5224-4GS00- 2AC2): All versions
o SCALANCE XC224-4C G (EIP Def.) (6GK5224- 4GS00-2TC2): All versions
o SCALANCE XC224-4C G EEC (6GK5224- 4GS00-2FC2): All versions
o SCALANCE XF201-3P IRT (6GK5201-3JR00- 2BA6): All versions
o SCALANCE XF202-2P IRT (6GK5202-2BH00- 2BD2): All versions
o SCALANCE XF204 (6GK5204-0BA00-2AF2): All versions
o SCALANCE XF204 (6GK5204-0BA00-2GF2): All versions
o SCALANCE XF204 DNA (6GK5204-0BA00- 2YF2): All versions
o SCALANCE XF204-2 (6GK5204-2BC00-2AF2): All versions
o SCALANCE XF204-2BA (6GK5204-2AA00- 2GF2): All versions
o SCALANCE XF204-2BA DNA (6GK5204-2AA00- 2YF2): All versions
o SCALANCE XF204-2BA IRT (6GK5204-2AA00- 2BD2): All versions
o SCALANCE XF204IRT (6GK5204-0BA00- 2BF2): All versions
o SCALANCE XF204IRT (6GK5204-0BA10- 2BF2): All versions
o SCALANCE XF206-1 (6GK5206-1BC00-2AF2): All versions
o SCALANCE XF208 (6GK5208-0BA00-2AF2): All versions
o SCALANCE XM408-4C (6GK5408-4GP00- 2AM2): All versions
o SCALANCE XM408-4C (L3 int.) (6GK5408- 4GQ00-2AM2): All versions
o SCALANCE XM408-8C (6GK5408-8GS00- 2AM2): All versions
o SCALANCE XM408-8C (L3 int.) (6GK5408- 8GR00-2AM2): All versions
o SCALANCE XM416-4C (6GK5416-4GS00- 2AM2): All versions
o SCALANCE XM416-4C (L3 int.) (6GK5416- 4GR00-2AM2): All versions
o SCALANCE XP208 (6GK5208-0HA00-2AS6): All versions
o SCALANCE XP208 (6GK5208-0HA00-2TS6): All versions
o SCALANCE XP208EEC (6GK5208-0HA00- 2ES6): All versions
o SCALANCE XP208PoE EEC (6GK5208-0UA00- 5ES6): All versions
o SCALANCE XP216 (6GK5216-0HA00-2AS6): All versions
o SCALANCE XP216 (6GK5216-0HA00-2TS6): All versions
o SCALANCE XP216EEC (6GK5216-0HA00- 2ES6): All versions
o SCALANCE XP216POE EEC (6GK5216-0UA00- 5ES6): All versions
o SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2): All
versions
o SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2): All
versions
o SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2): All
versions
o SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2): All
versions
o SCALANCE XR324-4M EEC (2x 100-240VAC/60- 250VDC, ports on front)
(6GK5324-4GG00- 4ER2): All versions
o SCALANCE XR324-4M EEC (2x 100-240VAC/60- 250VDC, ports on front)
(6GK5324-4GG10- 4ER2): All versions
o SCALANCE XR324-4M EEC (2x 100-240VAC/60- 250VDC, ports on rear)
(6GK5324-4GG00- 4JR2): All versions
o SCALANCE XR324-4M EEC (2x 100-240VAC/60- 250VDC, ports on rear)
(6GK5324-4GG10- 4JR2): All versions
o SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2): All
versions
o SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2): All
versions
o SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2): All
versions
o SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2): All
versions
o SCALANCE XR324-4M EEC (100-240VAC/60- 250VDC, ports on front)
(6GK5324-4GG00- 3ER2): All versions
o SCALANCE XR324-4M EEC (100-240VAC/60- 250VDC, ports on front)
(6GK5324-4GG10- 3ER2): All versions
o SCALANCE XR324-4M EEC (100-240VAC/60- 250VDC, ports on rear)
(6GK5324-4GG00- 3JR2): All versions
o SCALANCE XR324-4M EEC (100-240VAC/60- 250VDC, ports on rear)
(6GK5324-4GG10- 3JR2): All versions
o SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2): All
versions
o SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2): All
versions
o SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2): All
versions
o SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2): All
versions
o SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2): All
versions
o SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2): All versions
o SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2): All versions
o SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2): All versions
o SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2): All versions
o SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2): All
versions
o SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2): All
versions
o SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2): All versions
o SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2): All versions
o SCALANCE XR324-12M TS (24V) (6GK5324- 0GG00-1CR2): All versions
o SCALANCE XR324-12M TS (24V) (6GK5324- 0GG10-1CR2): All versions
o SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3): All versions
o SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3): All versions
o SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00- 3AR3): All
versions
o SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00- 3RR3): All
versions
o SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3): All versions
o SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3): All versions
o SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3): All versions
o SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3): All versions
o SCALANCE XR524-8C, 1x230V (6GK5524- 8GS00-3AR2): All versions
o SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2): All versions
o SCALANCE XR524-8C, 2x230V (6GK5524- 8GS00-4AR2): All versions
o SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2): All versions
o SCALANCE XR524-8C, 24V (6GK5524-8GS00- 2AR2): All versions
o SCALANCE XR524-8C, 24V (L3 int.) (6GK5524- 8GR00-2AR2): All versions
o SCALANCE XR526-8C, 1x230V (6GK5526- 8GS00-3AR2): All versions
o SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2): All versions
o SCALANCE XR526-8C, 2x230V (6GK5526- 8GS00-4AR2): All versions
o SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2): All versions
o SCALANCE XR526-8C, 24V (6GK5526-8GS00- 2AR2): All versions
o SCALANCE XR526-8C, 24V (L3 int.) (6GK5526- 8GR00-2AR2): All versions
o SCALANCE XR528-6M (6GK5528-0AA00- 2AR2): All versions
o SCALANCE XR528-6M (2HR2) (6GK5528- 0AA00-2HR2): All versions
o SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2): All versions
o SCALANCE XR528-6M (L3 int.) (6GK5528- 0AR00-2AR2): All versions
o SCALANCE XR552-12M (6GK5552-0AA00- 2AR2): All versions
o SCALANCE XR552-12M (2HR2) (6GK5552- 0AA00-2HR2): All versions
o SCALANCE XR552-12M (2HR2) (6GK5552- 0AR00-2HR2): All versions
o SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2): All versions
o Security Configuration Tool (SCT): All versions
- --------- Begin Update B Part 4 of 9 ---------
o SIMATIC Cloud Connect 7 CC712 (6GK1411- 1AC00): All versions prior to v1.9
o SIMATIC Cloud Connect 7 CC716 (6GK1411- 5AC00): All versions prior to v1.9
- --------- End Update B Part 4 of 9 ---------
o SIMATIC CP 343-1 Advanced (6GK7343-1GX31- 0XE0): All versions
o SIMATIC CP 443-1 Advanced (6GK7443-1GX30- 0XE0): All versions
o SIMATIC CP 443-1 OPC UA (6GK7443-1UX00- 0XE0): All versions
o SIMATIC CP 1242-7 V2 (6GK7242-7KX31- 0XE0): All versions
o SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0): All versions
o SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30- 0XE0): All versions
o SIMATIC CP 1243-7 LTE US (6GK7243-7SX30- 0XE0): All versions
o SIMATIC CP 1243-8 IRC (6GK7243-8RX30- 0XE0): All versions
o SIMATIC CP 1542SP-1 (6GK7542-6UX00- 0XE0): All versions
o SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0): All versions
o SIMATIC CP 1543SP-1 (6GK7543-6WX00- 0XE0): All versions
o SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0): All versions
o SIMATIC CP 1626 (6GK1162-6AA01): All versions
o SIMATIC CP 1628 (6GK1162-8AA00): All versions
o SIMATIC ET 200SP Open Controller (incl. SIPLUS variants): All versions
- --------- Begin Update B Part 5 of 9 ---------
o SIMATIC Logon: All versions prior to v1.6 Upd6
o SIMATIC MV540 H (6GF3540-0GE10): All versions prior to v3.3
o SIMATIC MV540 S (6GF3540-0CD10): All versions prior to v3.3
o SIMATIC MV550 H (6GF3550-0GE10): All versions prior to v3.3
o SIMATIC MV550 S (6GF3550-0CD10): All versions prior to v3.3
o SIMATIC MV560 U (6GF3560-0LE10): All versions prior to v3.3
o SIMATIC MV560 X (6GF3560-0HE10): All versions prior to v3.3
- --------- End Update B Part 5 of 9 ---------
o SIMATIC NET PC Software v14: All versions
o SIMATIC NET PC Software v15: All versions
- --------- Begin Update B Part 6 of 9 ---------
o SIMATIC NET PC Software v16: All versions prior to v16 Update 6
- --------- End Update B Part 6 of 9 ---------
o SIMATIC NET PC Software v17: All versions
o SIMATIC PCS 7 TeleControl: All versions
o SIMATIC PCS neo: All versions
- --------- Begin Update B Part 7 of 9 ---------
o SIMATIC PDM: All versions prior to v9.2.2
- --------- End Update B Part 7 of 9 ---------
o SIMATIC RF166C (6GT2002-0EE20): All versions prior to v2.0.1
o SIMATIC RF185C (6GT2002-0JE10): All versions prior to v2.0.1
o SIMATIC RF186C (6GT2002-0JE20): All versions prior to v2.0.1
o SIMATIC RF186CI (6GT2002-0JE50): All versions prior to v2.0.1
o SIMATIC RF188C (6GT2002-0JE40): All versions prior to v2.0.1
o SIMATIC RF188CI (6GT2002-0JE60): All versions prior to v.2.0.1
o SIMATIC RF360R (6GT2801-5BA30): All versions prior to v2.0.1
o SIMATIC RF610R (6GT2811-6BC10): All versions prior to v4.0.1
o SIMATIC RF615R (6GT2811-6CC10): All versions prior to v4.0.1
o SIMATIC RF650R (6GT2811-6AB20): All versions prior to v4.0.1
o SIMATIC RF680R (6GT2811-6AA10): All versions prior to v4.0.1
o SIMATIC RF685R (6GT2811-6CA10): All versions prior to v4.0.1
o SIMATIC S7-1200 CPU family (incl. SIPLUS variants): All versions
o SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants):
All versions
o SIMATIC S7-1500 Software Controller (incl. F): All versions
o SIMATIC S7-PLCSIM Advanced: All versions
o SIMATIC STEP 7 (TIA Portal): All versions
- --------- Begin Update B Part 8 of 9 ---------
o SIMATIC STEP 7 V5.X: All versions prior to v5.7 HF4
- --------- End Update B Part 8 of 9 ---------
o SIMATIC WinCC (TIA Portal): All versions
o SINAUT Software ST7sc: All versions
o SINAUT ST7CC: All versions
o SINEC INS: All versions
o SINEC NMS: All versions
o SINEMA Remote Connect Server: All versions prior to v3.1
o SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0): All versions
o SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0): All versions
o SIPLUS NET CP 343-1 Advanced (6AG1343- 1GX31-4XE0): All versions
o SIPLUS NET CP 443-1 Advanced (6AG1443- 1GX30-4XE0): All versions
o SIPLUS NET CP 1242-7 v2 (6AG1242-7KX31- 7XE0): All versions
o SIPLUS NET CP 1543-1 (6AG1543-1AX00- 2XE0): All versions
o SIPLUS NET SCALANCE X202-2P IRT (6AG1202-2BH00-2BA3): All versions
o SIPLUS NET SCALANCE X308-2 (6AG1308- 2FL10-4AA3): All versions
o SIPLUS NET SCALANCE XC206-2 (6AG1206- 2BB00-7AC2): All versions
o SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2): All versions
o SIPLUS NET SCALANCE XC208 (6AG1208- 0BA00-7AC2): All versions
o SIPLUS NET SCALANCE XC216-4C (6AG1216- 4BS00-7AC2): All versions
o SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30- 2AX0): All versions
o SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243- 1BX30-1XE0): All versions
o SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0): All versions
- --------- Begin Update B Part 9 of 9 ---------
o TeleControl Server Basic v3: All versions prior to v3.1.1
- --------- End Update B Part 9 of 9 ---------
o TIA Administrator: All versions
o TIA Portal Cloud: All versions
o TIA Portal v15: All versions
o TIA Portal v16: All versions
o TIA Portal v17: All versions
o TIM 1531 IRC (6GK7543-1MX00-0XE0): All versions
4.2 VULNERABILITY OVERVIEW
4.2.1 LOOP WITH UNREACHABLE EXIT CONDITION ('INFINITE LOOP') CWE-835
An attacker can trigger an infinite loop by crafting a certificate that has
invalid explicit curve parameters, which could result in a denial-of-service
condition. Learn more about this vulnerability here .
CVE-2022-0778 has been assigned to this vulnerability. A CVSS v3 base score of
7.5 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/
C:N/I:N/A:H ).
4.3 BACKGROUND
o CRITICAL INFRASTRUCTURE SECTORS: Multiple sectors
o COUNTRIES/AREAS DEPLOYED: Worldwide
o COMPANY HEADQUARTERS LOCATION: Germany
4.4 RESEARCHER
Siemens reported this vulnerability to CISA.
5. MITIGATIONS
Siemens has released updates for several affected products and recommends
updating to the latest versions available. Siemens is preparing further updates
and recommends countermeasures for products where updates are not yet available
or will not be developed. Please see Siemens SSA-712929 to determine if there
is an update available.
As a general security measure, Siemens recommends protecting network access to
devices with appropriate mechanisms. To operate the devices in a protected IT
environment, Siemens recommends configuring the environment according to
Siemens' operational guidelines for industrial security and following
recommendations in the product manuals.
Additional information on industrial security by Siemens can be found on the
Siemens industrial security webpage .
For more information see Siemens Security Advisory SSA-712929
CISA recommends users take defensive measures to minimize the risk of
exploitation of this vulnerability. CISA reminds organizations to perform
proper impact analysis and risk assessment prior to deploying defensive
measures.
CISA also provides a section for control systems security recommended practices
on the ICS webpage on cisa.gov/ics Several recommended practices are available
for reading and download, including Improving Industrial Control Systems
Cybersecurity with Defense-in-Depth Strategies .
Additional mitigation guidance and recommended practices are publicly available
on the ICS webpage on cisa.gov/ics in the Technical Information Paper,
ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation
Strategies .
Organizations observing any suspected malicious activity should follow their
established internal procedures and report their findings to CISA for tracking
and correlation against other incidents.
No known public exploits specifically target this vulnerability.
For any questions related to this report, please contact the CISA at:
Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870
CISA continuously strives to improve its products and services. You can help by
choosing one of the links below to provide feedback about this product.
---------------------------END INCLUDED TEXT--------------------
ZMCIRT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. ZMCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Internet Email: report@cirt.zm
Telephone: 7070
ZMCIRT personnel answer during Zambian business hours
which are 8am to 5pm.
On call after hours for member emergencies only.
===========================================================================
Copyright @2023 ZAMBIA CIRT