Siemens SCALANCE W1750D, M800, and S615 (Update C) (ICSA-17-332-01) – Product Used in Water and Wastewater and Energy Sectors

Author: Charles Egli

Created: Tuesday, October 13, 2020 - 17:56

Categories: Cybersecurity

October 13, 2020

CISA has updated this advisory with additional details on the affected products. Read the advisory at CISA.

May 10, 2018

The NCCIC has updated this advisory with additional details on mitigation measures. NCCIC/ICS-CERT.

April 5, 2018

The NCCIC/ICS-CERT has updated this advisory with additional information on mitigating measures. NCCIC/ICS-CERT.

November 28, 2017

ICS-CERT has released an advisory on a Siemens SCALANCE W1750D, M800, and S615 vulnerability. All versions of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to crash the DNS service or execute arbitrary code by crafting malicious DNS responses. Siemens reports it is preparing updates for the affected products and recommends a series of mitigations. Additionally, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of the vulnerability. ICS-CERT.