Serial number: AV24-328
Date: June 11, 2024
On June 11, 2024, Siemens published security advisories to address vulnerabilities in the following products:
- CPCX26 Central Processing/Communication – versions prior to V06.02
- ETA4 Ethernet Interface IEC60870-5-104 – versions prior to V10.46
- ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2 – versions prior to V03.27
- JT2Go – versions prior to V2312.0004
- Mendix Applications using Mendix 10 – versions prior to V10.11.0
- Mendix Applications using Mendix 10 (V10.6) – versions prior to V10.6.9
- Mendix Applications using Mendix 9 – versions V9.3.0 to versions prior to V9.24.22
- PCCX26 Ax 1703 PE, Contr, Communication Element – versions prior to V06.05
- PowerSys – versions prior to V3.11
- SCALANCE W700 802.11 AX Family – multiple versions and platforms
- SCALANCE XM-400/XR-500 – versions prior to V6.6.1 and multiple platforms
- SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) – versions prior to V2.3
- SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) – versions prior to V2.3
- SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) – versions prior to V2.3
- SIMATIC S7-200 SMART CPU – multiple versions and platforms
- SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) – versions prior to V1.2
- SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) – versions prior to V2.3
- SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) – versions prior to V2.3
- SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) – versions prior to V2.3
- SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) – versions prior to V2.4.8
- SITOP UPS1600 10 A Ethernet/ PROFINET (6EP4134-3AB00-2AY0) – versions prior to V2.5.4
- SITOP UPS1600 20 A Ethernet/ PROFINET (6EP4136-3AB00-2AY0) – versions prior to V2.5.4
- SITOP UPS1600 40 A Ethernet/ PROFINET (6EP4137-3AB00-2AY0) – versions prior to V2.5.4
- SITOP UPS1600 EX 20 A Ethernet PROFINET (6EP4136-3AC00-2AY0) – versions prior to V2.5.4
- ST7 ScadaConnect (6NH7997-5DA10-0AA0) – versions prior to V1.1
- Teamcenter Visualization V14.2 – all versions
- Teamcenter Visualization V14.3 – versions prior to V14.3.0.9
- Teamcenter Visualization V2312 – versions prior to V2312.0004
- Tecnomatix Plant Simulation V2302 – versions prior to V2302.0012
- Tecnomatix Plant Simulation V2404 – versions prior to V2404.0001
- TIA Administrator – versions prior to V3 SP2
- TIM 1531 IRC (6GK7543-1MX00-0XE0) – versions prior to V2.4.8
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.