Refine your search
4 vulnerabilities found for SCALANCE by Siemens
CERTFR-2026-AVI-0432
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | SIMATIC | SIMATIC IPC PX-39A versions antérieures à 29.01.09 | ||
| Siemens | SIMATIC | SIMATIC IPC627E toutes versions pour la vulnérabilité CVE-2025-2884 | ||
| Siemens | SIMATIC | SIMATIC Field PG M5 toutes versions pour la vulnérabilité CVE-2025-2884 | ||
| Siemens | SIMATIC | SIMATIC IPC BX-32A versions antérieures à 29.01.09 | ||
| Siemens | SIMATIC | SIMATIC IPC BX-39A versions antérieures à 29.01.09 | ||
| Siemens | SIMATIC | SIMATIC Field PG M6 toutes versions pour la vulnérabilité CVE-2025-2884 | ||
| Siemens | SIMATIC | SIMATIC IPC677E toutes versions pour la vulnérabilité CVE-2025-2884 | ||
| Siemens | SIMATIC | SIMATIC IPC PX-39A PRO versions antérieures à 29.01.09 | ||
| Siemens | SIMATIC | SIMATIC IPC BX-59A versions antérieures à 32.01.09 | ||
| Siemens | SIMATIC | SIMATIC IPC847E toutes versions pour la vulnérabilité CVE-2025-2884 | ||
| Siemens | SIMATIC | SIMATIC IPC427E versions antérieures à 21.01.20 | ||
| Siemens | SCALANCE | SCALANCE W-700 IEEE 802.11n versions antérieures à 6.6.0 | ||
| Siemens | SIMATIC | SIMATIC IPC477E versions antérieures à 21.01.20 | ||
| Siemens | SIMATIC | SIMATIC CN 4100 toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-2884. | ||
| Siemens | SIMATIC | SIMATIC ITP1000 toutes versions pour la vulnérabilité CVE-2025-2884 | ||
| Siemens | SIMATIC | SIMATIC IPC477E PRO versions antérieures à 21.01.20 | ||
| Siemens | SIMATIC | SIMATIC IPC RW-548A versions antérieures à 34.01.02 | ||
| Siemens | SIMATIC | SIMATIC IPC PX-32A versions antérieures à 29.01.09 | ||
| Siemens | SIMATIC | SIMATIC IPC BX-56A versions antérieures à 32.01.09 | ||
| Siemens | SIMATIC | SIMATIC IPC277E toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-2884. | ||
| Siemens | SIMATIC | SIMATIC IPC RW-528A versions antérieures à 34.01.02 | ||
| Siemens | SIMATIC | SIMATIC IPC647E toutes versions pour la vulnérabilité CVE-2025-2884 | ||
| Siemens | SIMATIC | SIMATIC IPC MD-57A versions antérieures à 30.01.10 | ||
| Siemens | SIMATIC | SIMATIC IPC227E toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-2884. |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC IPC PX-39A versions ant\u00e9rieures \u00e0 29.01.09",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC627E toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Field PG M5 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC BX-32A versions ant\u00e9rieures \u00e0 29.01.09",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC BX-39A versions ant\u00e9rieures \u00e0 29.01.09",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Field PG M6 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC677E toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC PX-39A PRO versions ant\u00e9rieures \u00e0 29.01.09",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC BX-59A versions ant\u00e9rieures \u00e0 32.01.09",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC847E toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427E versions ant\u00e9rieures \u00e0 21.01.20",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W-700 IEEE 802.11n versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477E versions ant\u00e9rieures \u00e0 21.01.20",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CN 4100 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ITP1000 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477E PRO versions ant\u00e9rieures \u00e0 21.01.20",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC RW-548A versions ant\u00e9rieures \u00e0 34.01.02",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC PX-32A versions ant\u00e9rieures \u00e0 29.01.09",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC BX-56A versions ant\u00e9rieures \u00e0 32.01.09",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC277E toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC RW-528A versions ant\u00e9rieures \u00e0 34.01.02",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC647E toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC MD-57A versions ant\u00e9rieures \u00e0 30.01.10",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC227E toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-2884.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2020-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26146"
},
{
"name": "CVE-2020-26143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26143"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2020-26140",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26140"
},
{
"name": "CVE-2020-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
},
{
"name": "CVE-2022-36325",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36325"
},
{
"name": "CVE-2022-36323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36323"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-36324",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36324"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2020-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2025-2884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2884"
},
{
"name": "CVE-2022-31765",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31765"
}
],
"initial_release_date": "2026-04-14T00:00:00",
"last_revision_date": "2026-04-14T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0432",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2026-04-14",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-628843",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-628843.html"
},
{
"published_at": "2026-04-14",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-019200",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html"
}
]
}
CERTFR-2026-AVI-0101
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | SCALANCE | SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions antérieures à 3.3 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions antérieures à 3.3 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2025-32433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32433"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2025-39853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39853"
},
{
"name": "CVE-2025-39865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39865"
},
{
"name": "CVE-2024-41996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2023-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-39864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39864"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2023-42365",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42365"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-3360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2024-6874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6874"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2022-48174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48174"
},
{
"name": "CVE-2025-39860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39860"
},
{
"name": "CVE-2023-42364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42364"
},
{
"name": "CVE-2025-39839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39839"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2023-7256",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7256"
},
{
"name": "CVE-2024-6197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6197"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-0665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0665"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2025-39846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39846"
},
{
"name": "CVE-2024-8006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8006"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2023-42363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42363"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2025-39841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39841"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2024-47619",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47619"
}
],
"initial_release_date": "2026-01-29T00:00:00",
"last_revision_date": "2026-01-29T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0101",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-01-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2026-01-28",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-089022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-089022.html"
}
]
}
CERTFR-2026-AVI-0032
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3XB27-1BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC IPC227E Industrial Edge Device versions antérieures à 3.1 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3UB27-1BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 PN R1 (6ES7155-6AU00-0HM0) versions antérieures à 6.0.1 | ||
| Siemens | SIMATIC | SIMATIC IPC BX-39A Industrial Edge Device versions antérieures à 3.1 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Unified Comfort Panel hygienic (6AV2128-3MB40-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3MB27-1BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) versions supérieures ou égales à4.2.0. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40944. | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Unified Comfort Hygienic neutral design (6AV2128-3XB70-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Unified Comfort Panel neutral design (6AV2128-3UB36-0AX1) versions antérieures à 21 | ||
| Siemens | SCALANCE | SCALANCE LPE9433 (6GK5998-3GS11-2AC2) versions antérieures à 2.2 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Unified Comfort Panel hygienic neutral design (6AV2128-3UB70-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3UB57-0BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Unified Comfort Panel (6AV2128-3QB06-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3MB27-0BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0) versions antérieures à 4.2.2 | ||
| Siemens | SIMATIC | SIMATIC Automation Workstation 24" (6AV7256-6CA00-0FP0) toutes versions pour la vulnérabilité CVE-2025-40805 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3UB57-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3QB57-0BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Unified Comfort Panel (6AV2128-3UB06-0AX1) versions antérieures à 21 | ||
| Siemens | SCALANCE | SCALANCE LPE9413 (6GK5998-3GS01-2AC2) versions antérieures à 2.2 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3QB27-1BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1000 Unified Comfort Panel hygienic (6AV2128-3KB40-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC Automation Workstation 19" (6AV7256-6CA01-0FP0) toutes versions pour la vulnérabilité CVE-2025-40805 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Unified Comfort Panel hygienic neutral design (6AV2128-3QB70-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Unified Comfort Panel neutral design (6AV2128-3XB36-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3MB57-1BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0) versions antérieures à 6.0.0 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Unified Comfort Panel hygienic (6AV2128-3UB40-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC IPC127E Industrial Edge Device versions antérieures à 3.1 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3XB27-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Unified Comfort Panel neutral design (6AV2128-3QB36-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3MB57-0BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Unified Comfort Panel hygienic (6AV2128-3QB40-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) versions antérieures à 1.3 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3QB57-1BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design (6AV2128-3GB70-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC IOT2050 (6ES7647-0BA00-1YA2) versions antérieures à 1.25.1 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3UB57-1BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC IPC427E Industrial Edge Device versions antérieures à 3.1 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Unified Comfort Panel hygienic neutral design (6AV2128-3MB70-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Unified Comfort Panel neutral design (6AV2128-3MB36-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40944. | ||
| Siemens | SIMATIC | SIMATIC HMI MTP700, Unified Comfort Panel neutral design (6AV2128-3GB36-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3XB57-0BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0) versions supérieures ou égales à4.2.0. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40944. | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1000 Unified Comfort Panel hygienic neutral design (6AV2128-3KB70-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3UB27-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3XB27-0BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3XB57-1BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3QB57-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1000, Unified Comfort Panel neutral (6AV2128-3KB36-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40944. | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3XB57-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC IPC BX-59A Industrial Edge Device versions antérieures à 3.1 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3MB57-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3QB27-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1900 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3UB27-0BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Unified Comfort Panel (6AV2128-3XB06-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1000 Unified Comfort Panel (6AV2128-3KB06-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC IPC227G Industrial Edge Device versions antérieures à 3.1 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP700 Unified Comfort Panel (6AV2128-3GB06-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3MB27-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1200 Unified Comfort Panel (6AV2128-3MB06-0AX1) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP1500 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3QB27-0BX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC HMI MTP2200 Unified Comfort Hygienic (6AV2128-3XB40-0AX0) versions antérieures à 21 | ||
| Siemens | SIMATIC | SIMATIC IPC847E Industrial Edge Device versions antérieures à 3.1 | ||
| Siemens | SIMATIC | SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40944. | ||
| Siemens | SIMATIC | SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design (6AV2128-3GB40-0AX0) versions antérieures à 21 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC HMI MTP2200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3XB27-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC227E Industrial Edge Device versions ant\u00e9rieures \u00e0 3.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3UB27-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN R1 (6ES7155-6AU00-0HM0) versions ant\u00e9rieures \u00e0 6.0.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC BX-39A Industrial Edge Device versions ant\u00e9rieures \u00e0 3.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Unified Comfort Panel hygienic (6AV2128-3MB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3MB27-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) versions sup\u00e9rieures ou \u00e9gales \u00e04.2.0. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40944.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Unified Comfort Hygienic neutral design (6AV2128-3XB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Unified Comfort Panel neutral design (6AV2128-3UB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE LPE9433 (6GK5998-3GS11-2AC2) versions ant\u00e9rieures \u00e0 2.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Unified Comfort Panel hygienic neutral design (6AV2128-3UB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3UB57-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Unified Comfort Panel (6AV2128-3QB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3MB27-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0) versions ant\u00e9rieures \u00e0 4.2.2",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Automation Workstation 24\" (6AV7256-6CA00-0FP0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40805",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3UB57-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3QB57-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Unified Comfort Panel (6AV2128-3UB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE LPE9413 (6GK5998-3GS01-2AC2) versions ant\u00e9rieures \u00e0 2.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3QB27-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1000 Unified Comfort Panel hygienic (6AV2128-3KB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Automation Workstation 19\" (6AV7256-6CA01-0FP0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40805",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Unified Comfort Panel hygienic neutral design (6AV2128-3QB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Unified Comfort Panel neutral design (6AV2128-3XB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3MB57-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0) versions ant\u00e9rieures \u00e0 6.0.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Unified Comfort Panel hygienic (6AV2128-3UB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC127E Industrial Edge Device versions ant\u00e9rieures \u00e0 3.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3XB27-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Unified Comfort Panel neutral design (6AV2128-3QB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3MB57-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Unified Comfort Panel hygienic (6AV2128-3QB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 1.3",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3QB57-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design (6AV2128-3GB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IOT2050 (6ES7647-0BA00-1YA2) versions ant\u00e9rieures \u00e0 1.25.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3UB57-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427E Industrial Edge Device versions ant\u00e9rieures \u00e0 3.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Unified Comfort Panel hygienic neutral design (6AV2128-3MB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Unified Comfort Panel neutral design (6AV2128-3MB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40944.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP700, Unified Comfort Panel neutral design (6AV2128-3GB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3XB57-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0) versions sup\u00e9rieures ou \u00e9gales \u00e04.2.0. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40944.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1000 Unified Comfort Panel hygienic neutral design (6AV2128-3KB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3UB27-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3XB27-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3XB57-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3QB57-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1000, Unified Comfort Panel neutral (6AV2128-3KB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40944.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3XB57-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC BX-59A Industrial Edge Device versions ant\u00e9rieures \u00e0 3.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3MB57-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3QB27-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3UB27-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Unified Comfort Panel (6AV2128-3XB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1000 Unified Comfort Panel (6AV2128-3KB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC227G Industrial Edge Device versions ant\u00e9rieures \u00e0 3.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP700 Unified Comfort Panel (6AV2128-3GB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3MB27-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Unified Comfort Panel (6AV2128-3MB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3QB27-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Unified Comfort Hygienic (6AV2128-3XB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC847E Industrial Edge Device versions ant\u00e9rieures \u00e0 3.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40944.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design (6AV2128-3GB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-40944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40944"
},
{
"name": "CVE-2025-40805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40805"
}
],
"initial_release_date": "2026-01-14T00:00:00",
"last_revision_date": "2026-01-14T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0032",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-01-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-001536",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-001536.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-674753",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-674753.html"
}
]
}
CERTFR-2025-AVI-0492
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC424-4 (6GK5428-4TR00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC432 (6GK5432-0GR00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC324-4 (6GK5328-4TS00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC424-4 (6GK5428-4TR00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC316-8 (6GK5324-8TS00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC316-8 (6GK5324-8TS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC432 (6GK5432-0GR00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC324-4 (6GK5328-4TS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC332 (6GK5332-0GA00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SIMATIC | SIMATIC S7-1500 versions supérieures ou égales àV3.1.5 pour les vulnérabilités CVE-2021-41617, CVE-2023-4527, CVE-2023-4806, CVE-2023-4911, CVE-2023-5363, CVE-2023-6246, CVE-2023-6779, CVE-2023-6780, CVE-2023-28531, CVE-2023-38545, CVE-2023-38546, CVE-2023-44487, CVE-2023-46218, CVE-2023-46219, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-52927, CVE-2024-2961, CVE-2024-6119, CVE-2024-6387, CVE-2024-12133, CVE-2024-12243, CVE-2024-24855, CVE-2024-26596, CVE-2024-28085, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34397, CVE-2024-37370, CVE-2024-37371, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50246, CVE-2024-53166, CVE-2024-57977, CVE-2024-57996, CVE-2024-58005, CVE-2025-4373, CVE-2025-4598, CVE-2025-21701, CVE-2025-21702, CVE-2025-21712, CVE-2025-21724, CVE-2025-21728, CVE-2025-21745, CVE-2025-21756, CVE-2025-21758, CVE-2025-21765, CVE-2025-21766, CVE-2025-21767, CVE-2025-21795, CVE-2025-21796, CVE-2025-21848, CVE-2025-21862, CVE-2025-21864, CVE-2025-21865, CVE-2025-26465, CVE-2025-31115 et CVE-2025-46836. | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC416-8 (6GK5424-8TR00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC416-8 (6GK5424-8TR00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC332 (6GK5332-0GA00-2AC2) versions antérieures à V3.2 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC432 (6GK5432-0GR00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC432 (6GK5432-0GR00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC332 (6GK5332-0GA00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 versions sup\u00e9rieures ou \u00e9gales \u00e0V3.1.5 pour les vuln\u00e9rabilit\u00e9s CVE-2021-41617, CVE-2023-4527, CVE-2023-4806, CVE-2023-4911, CVE-2023-5363, CVE-2023-6246, CVE-2023-6779, CVE-2023-6780, CVE-2023-28531, CVE-2023-38545, CVE-2023-38546, CVE-2023-44487, CVE-2023-46218, CVE-2023-46219, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-52927, CVE-2024-2961, CVE-2024-6119, CVE-2024-6387, CVE-2024-12133, CVE-2024-12243, CVE-2024-24855, CVE-2024-26596, CVE-2024-28085, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34397, CVE-2024-37370, CVE-2024-37371, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50246, CVE-2024-53166, CVE-2024-57977, CVE-2024-57996, CVE-2024-58005, CVE-2025-4373, CVE-2025-4598, CVE-2025-21701, CVE-2025-21702, CVE-2025-21712, CVE-2025-21724, CVE-2025-21728, CVE-2025-21745, CVE-2025-21756, CVE-2025-21758, CVE-2025-21765, CVE-2025-21766, CVE-2025-21767, CVE-2025-21795, CVE-2025-21796, CVE-2025-21848, CVE-2025-21862, CVE-2025-21864, CVE-2025-21865, CVE-2025-26465, CVE-2025-31115 et CVE-2025-46836.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC332 (6GK5332-0GA00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-41797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41797"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-28531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-40568",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40568"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2025-40569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40569"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2024-26596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26596"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2025-46836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46836"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-40567",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40567"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21702"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2024-6387",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6387"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2024-50246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50246"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
}
],
"initial_release_date": "2025-06-11T00:00:00",
"last_revision_date": "2025-06-11T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0492",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-082556",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-633269",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-633269.html"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693776",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693776.html"
}
]
}