CRITICALVulnerability
Global

Siemens Industrial Devices

ยทSource: CISA Advisories

Updated:

Executive Summary

View CSAF Summary Multiple industrial devices contain a vulnerability that could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions.

Analysis

View CSAF Summary Multiple industrial devices contain a vulnerability that could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. The following versions of Siemens Industrial Devices are affected: IE/PB LINK HA (6GK1411-5BB00) vers:all/* (CVE-2025-40833) IE/PB link PN IO (6GK1411-5AB10) vers:all/* (CVE-2025-40833) RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) vers:intdot/ RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) vers:intdot/ SCALANCE M804PB (6GK5804-0AP00-2AA2) vers:intdot/ SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) vers:intdot/ SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) vers:intdot/ SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) vers:intdot/ SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) vers:intdot/ SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) vers:intdot/ SCALANCE M874-2 (6GK5874-2AA00-2AA2) vers:intdot/ SCALANCE M874-3 (6GK5874-3AA00-2AA2) vers:intdot/ SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) vers:intdot/ SCALANCE M876-3 (6GK5876-3AA02-2BA2) vers:intdot/ SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) vers:intdot/ SCALANCE M876-4 (6GK5876-4AA10-2BA2) vers:intdot/ SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) vers:intdot/ SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) vers:intdot/ SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) vers:intdot/ SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) vers:intdot/ SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) vers:intdot/ SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) vers:intdot/ SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) vers:intdot/ SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) vers:intdot/ SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) vers:intdot/ SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) vers:intdot/ SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) vers:intdot/ SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) vers:intdot/ SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) vers:intdot/ SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) vers:intdot/ SCALANCE SC622-2C (6GK5622-2GS00-2AC2) vers:all/* (CVE-2025-40833) SCALANCE SC626-2C (6GK5626-2GS00-2AC2) vers:all/* (CVE-2025-40833) SCALANCE SC632-2C (6GK5632-2GS00-2AC2) vers:all/* (CVE-2025-40833) SCALANCE SC636-2C (6GK5636-2GS00-2AC2) vers:all/* (CVE-2025-40833) SCALANCE SC642-2C (6GK5642-2GS00-2AC2) vers:all/* (CVE-2025-40833) SCALANCE SC646-2C (6GK5646-2GS00-2AC2) vers:all/* (CVE-2025-40833) SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) vers:all/* (CVE-2025-40833) SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) vers:all/* (CVE-2025-40833) SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) vers:all/* (CVE-2025-40833) SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) vers:all/* (CVE-2025-40833) SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) vers:all/* (CVE-2025-40833) SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) vers:all/* (CVE-2025-40833) SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) vers:intdot/ SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) vers:intdot/ SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) vers:intdot/ SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) vers:intdot/ SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) vers:intdot/ SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) vers:intdot/ SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) vers:intdot/ SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) vers:intdot/ SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) vers:intdot/ SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) vers:intdot/ SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) vers:intdot/ SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) vers:intdot/ SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) vers:intdot/ SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) vers:intdot/ SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) vers:intdot/ SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) vers:intdot/ SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) vers:intdot/ SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) vers:intdot/ SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) vers:intdot/ SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) vers:intdot/ SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) vers:intdot/ SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) vers:intdot/ SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) vers:intdot/ SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) vers:intdot/ SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) vers:intdot/ SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) vers:intdot/ SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) vers:intdot/ SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) vers:intdot/ SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) vers:intdot/ SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) vers:intdot/ SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) vers:intdot/ SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) vers:intdot/ SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) vers:intdot/ SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) vers:intdot/ SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) vers:intdot/ SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) vers:intdot/ SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) vers:intdot/ SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) vers:intdot/ SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) vers:intdot/ SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) vers:intdot/ SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) vers:intdot/ SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) vers:intdot/ SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) vers:intdot/ SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) vers:intdot/ SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) vers:intdot/ SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) vers:intdot/ SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) vers:intdot/ SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) vers:intdot/ SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) vers:intdot/ SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) vers:intdot/ SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) vers:intdot/ SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) vers:intdot/ SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) vers:intdot/ SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) vers:intdot/ SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) vers:intdot/ SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) vers:intdot/ SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) vers:intdot/ SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) vers:intdot/ SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) vers:intdot/ SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) vers:intdot/ SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) vers:intdot/ SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) vers:intdot/ SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) vers:intdot/ SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) vers:intdot/ SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) vers:intdot/ SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) vers:intdot/ SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) vers:intdot/ SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) vers:intdot/ SCALANCE X204-2 (6GK5204-2BB10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X204-2FM (6GK5204-2BB11-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X204-2LD (6GK5204-2BC10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2) vers:all/* (CVE-2025-40833) SCALANCE X204-2TS (6GK5204-2BB10-2CA2) vers:all/* (CVE-2025-40833) SCALANCE X206-1 (6GK5206-1BB10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X206-1LD (6GK5206-1BC10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X208 (6GK5208-0BA10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X208PRO (6GK5208-0HA10-2AA6) vers:all/* (CVE-2025-40833) SCALANCE X212-2 (6GK5212-2BB00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X212-2LD (6GK5212-2BC00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X216 (6GK5216-0BA00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X224 (6GK5224-0BA00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3) vers:all/* (CVE-2025-40833) SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3) vers:all/* (CVE-2025-40833) SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3) vers:all/* (CVE-2025-40833) SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3) vers:all/* (CVE-2025-40833) SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3) vers:all/* (CVE-2025-40833) SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3) vers:all/* (CVE-2025-40833) SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3) vers:all/* (CVE-2025-40833) SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3) vers:all/* (CVE-2025-40833) SCALANCE X304-2FE (6GK5304-2BD00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3) vers:all/* (CVE-2025-40833) SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3) vers:all/* (CVE-2025-40833) SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3) vers:all/* (CVE-2025-40833) SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3) vers:all/* (CVE-2025-40833) SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3) vers:all/* (CVE-2025-40833) SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3) vers:all/* (CVE-2025-40833) SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3) vers:all/* (CVE-2025-40833) SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3) vers:all/* (CVE-2025-40833) SCALANCE X307-3 (6GK5307-3BL00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X307-3 (6GK5307-3BL10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X307-3LD (6GK5307-3BM00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X307-3LD (6GK5307-3BM10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X308-2 (6GK5308-2FL00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X308-2 RD (inkl. SIPLUS variants) vers:all/* (CVE-2025-40833) SCALANCE X308-2LD (6GK5308-2FM00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X308-2LD (6GK5308-2FM10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X308-2LH (6GK5308-2FN00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X308-2LH (6GK5308-2FN10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X308-2M (6GK5308-2GG00-2AA2) vers:all/* (CVE-2025-40833) SCALANCE X308-2M (6GK5308-2GG10-2AA2) vers:all/* (CVE-2025-40833) SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2) vers:all/* (CVE-2025-40833) SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2) vers:all/* (CVE-2025-40833) SCALANCE X308-2M TS (6GK5308-2GG00-2CA2) vers:all/* (CVE-2025-40833) SCALANCE X308-2M TS (6GK5308-2GG10-2CA2) vers:all/* (CVE-2025-40833) SCALANCE X310 (6GK5310-0FA00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X310 (6GK5310-0FA10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X310FE (6GK5310-0BA00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X310FE (6GK5310-0BA10-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X320-1 FE (6GK5320-1BD00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3) vers:all/* (CVE-2025-40833) SCALANCE X408-2 (6GK5408-2FD00-2AA2) vers:all/* (CVE-2025-40833) SCALANCE XF204 (6GK5204-0BA00-2AF2) vers:all/* (CVE-2025-40833) SCALANCE XF204-2 (6GK5204-2BC00-2AF2) vers:all/* (CVE-2025-40833) SCALANCE XF206-1 (6GK5206-1BC00-2AF2) vers:all/* (CVE-2025-40833) SCALANCE XF208 (6GK5208-0BA00-2AF2) vers:all/* (CVE-2025-40833) SCALANCE XM408-4C (6GK5408-4GP00-2AM2) vers:all/* (CVE-2025-40833) SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2) vers:all/* (CVE-2025-40833) SCALANCE XM408-8C (6GK5408-8GS00-2AM2) vers:all/* (CVE-2025-40833) SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2) vers:all/* (CVE-2025-40833) SCALANCE XM416-4C (6GK5416-4GS00-2AM2) vers:all/* (CVE-2025-40833) SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2) vers:all/* (CVE-2025-40833) SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2) vers:all/* (CVE-2025-40833) SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2) vers:all/* (CVE-2025-40833) SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2) vers:all/* (CVE-2025-40833) SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2) vers:all/* (CVE-2025-40833) SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2) vers:all/* (CVE-2025-40833) SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2) vers:all/* (CVE-2025-40833) SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2) vers:all/* (CVE-2025-40833) SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2) vers:all/* (CVE-2025-40833) SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2) vers:all/* (CVE-2025-40833) SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2) vers:all/* (CVE-2025-40833) SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2) vers:all/* (CVE-2025-40833) SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2) vers:all/* (CVE-2025-40833) SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2) vers:all/* (CVE-2025-40833) SCALANCE XR528-6M (6GK5528-0AA00-2AR2) vers:all/* (CVE-2025-40833) SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2) vers:all/* (CVE-2025-40833) SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2) vers:all/* (CVE-2025-40833) SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2) vers:all/* (CVE-2025-40833) SCALANCE XR552-12M (6GK5552-0AA00-2AR2) vers:all/* (CVE-2025-40833) SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2) vers:all/* (CVE-2025-40833) SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2) vers:all/* (CVE-2025-40833) SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2) vers:all/* (CVE-2025-40833) SIMATIC CFU DIQ (6ES7655-5PX31-1XX0) vers:intdot/ SIMATIC CFU PA (6ES7655-5PX11-0XX0) vers:intdot/ SIMATIC CFU PA (6ES7655-5PX11-1XX0) vers:intdot/ SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC ET 200SP HA IM155-6 PN vers:intdot/ SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) vers:all/* (CVE-2025-40833) SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) vers:all/* (CVE-2025-40833) SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) vers:intdot/ SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) vers:intdot/ SIMIT UNIT V10 vers:all/* (CVE-2025-40833) SIMIT UNIT V11 vers:all/* (CVE-2025-40833) SINAMICS CBE20 vers:all/* (CVE-2025-40833) SINAMICS G115D vers:all/* (CVE-2025-40833) SINAMICS G120 (incl. SIPLUS variants) vers:all/* (CVE-2025-40833) SINAMICS G120C vers:all/* (CVE-2025-40833) SINAMICS G120D vers:all/* (CVE-2025-40833) SINAMICS G120X vers:all/* (CVE-2025-40833) SINAMICS G120XA vers:all/* (CVE-2025-40833) SINAMICS G130 vers:all/* (CVE-2025-40833) SINAMICS G150 vers:all/* (CVE-2025-40833) SINAMICS S110 vers:all/* (CVE-2025-40833) SINAMICS S120 (incl. SIPLUS variants) vers:all/* (CVE-2025-40833) SINAMICS S150 vers:all/* (CVE-2025-40833) SINUMERIK 840D sl vers:all/* (CVE-2025-40833) SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0) vers:all/* (CVE-2025-40833) SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0) vers:all/* (CVE-2025-40833) SIPLUS NET IE/PB link PN IO (6AG1411-5AB10-2AA0) vers:all/* (CVE-2025-40833) SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0) vers:all/* (CVE-2025-40833) SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0) vers:all/* (CVE-2025-40833) SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0) vers:all/* (CVE-2025-40833) SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0) vers:all/* (CVE-2025-40833) SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0) vers:all/* (CVE-2025-40833) SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) vers:all/* (CVE-2025-40833) SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) vers:all/* (CVE-2025-40833) SITOP PSU8600 1AC 20 A/4x5 A PN (6EP3336-8MB00-2CY0) vers:all/* (CVE-2025-40833) SITOP PSU8600 3AC 20 A PN (6EP3436-8SB00-2AY0) vers:all/* (CVE-2025-40833) SITOP PSU8600 3AC 20 A/4x5 A PN (6EP3436-8MB00-2CY0) vers:all/* (CVE-2025-40833) SITOP PSU8600 3AC 40 A PN (6EP3437-8SB00-2AY0) vers:all/* (CVE-2025-40833) SITOP PSU8600 3AC 40 A/4x10 A PN (6EP3437-8MB00-2CY0) vers:all/* (CVE-2025-40833) SITOP PSU8600 3AC 40 A/4x10A EIP (6EP3437-8MB10-2CY0) vers:all/* (CVE-2025-40833) SITOP UPS1600 10 A Ethernet/ PROFINET (6EP4134-3AB00-2AY0) vers:all/* (CVE-2025-40833) SITOP UPS1600 20 A Ethernet/ PROFINET (6EP4136-3AB00-2AY0) vers:all/* (CVE-2025-40833) SITOP UPS1600 40 A Ethernet/ PROFINET (6EP4137-3AB00-2AY0) vers:all/* (CVE-2025-40833) SITOP UPS1600 EX 20 A Ethernet PROFINET (6EP4136-3AC00-2AY0) vers:all/* (CVE-2025-40833) CVSS Vendor Equipment Vulnerabilities v3 7.5 Siemens Siemens Industrial Devices NULL Pointer Dereference Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany Vulnerabilities Expand All + CVE-2025-40833 The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system. View CVE Details Affected Products Siemens Industrial Devices Vendor: Siemens Product Version: IE/PB LINK HA (6GK1411-5BB00), IE/PB link PN IO (6GK1411-5AB10), RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2), SCALANCE M804PB (6GK5804-0AP00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2), SCALANCE M874-2 (6GK5874-2AA00-2AA2), SCALANCE M874-3 (6GK5874-3AA00-2AA2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2), SCALANCE M876-3 (6GK5876-3AA02-2BA2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2), SCALANCE M876-4 (6GK5876-4AA10-2BA2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2), SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1), SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2), SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0), SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0), SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0), SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0), SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0), SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0), SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6), SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0), SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6), SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0), SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0), SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0), SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0), SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0), SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0), SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0), SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0), SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6), SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0), SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0), SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0), SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0), SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0), SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0), SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0), SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0), SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0), SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0), SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0), SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0), SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0), SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0), SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0), SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0), SCALANCE X204-2 (6GK5204-2BB10-2AA3), SCALANCE X204-2FM (6GK5204-2BB11-2AA3), SCALANCE X204-2LD (6GK5204-2BC10-2AA3), SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2), SCALANCE X204-2TS (6GK5204-2BB10-2CA2), SCALANCE X206-1 (6GK5206-1BB10-2AA3), SCALANCE X206-1LD (6GK5206-1BC10-2AA3), SCALANCE X208 (6GK5208-0BA10-2AA3), SCALANCE X208PRO (6GK5208-0HA10-2AA6), SCALANCE X212-2 (6GK5212-2BB00-2AA3), SCALANCE X212-2LD (6GK5212-2BC00-2AA3), SCALANCE X216 (6GK5216-0BA00-2AA3), SCALANCE X224 (6GK5224-0BA00-2AA3), SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3), SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3), SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3), SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3), SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3), SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3), SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3), SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3), SCALANCE X304-2FE (6GK5304-2BD00-2AA3), SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3), SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3), SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3), SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3), SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3), SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3), SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3), SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3), SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3), SCALANCE X307-3 (6GK5307-3BL00-2AA3), SCALANCE X307-3 (6GK5307-3BL10-2AA3), SCALANCE X307-3LD (6GK5307-3BM00-2AA3), SCALANCE X307-3LD (6GK5307-3BM10-2AA3), SCALANCE X308-2 (6GK5308-2FL00-2AA3), SCALANCE X308-2 RD (inkl. SIPLUS variants), SCALANCE X308-2LD (6GK5308-2FM00-2AA3), SCALANCE X308-2LD (6GK5308-2FM10-2AA3), SCALANCE X308-2LH (6GK5308-2FN00-2AA3), SCALANCE X308-2LH (6GK5308-2FN10-2AA3), SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3), SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3), SCALANCE X308-2M (6GK5308-2GG00-2AA2), SCALANCE X308-2M (6GK5308-2GG10-2AA2), SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2), SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2), SCALANCE X308-2M TS (6GK5308-2GG00-2CA2), SCALANCE X308-2M TS (6GK5308-2GG10-2CA2), SCALANCE X310 (6GK5310-0FA00-2AA3), SCALANCE X310 (6GK5310-0FA10-2AA3), SCALANCE X310FE (6GK5310-0BA00-2AA3), SCALANCE X310FE (6GK5310-0BA10-2AA3), SCALANCE X320-1 FE (6GK5320-1BD00-2AA3), SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3), SCALANCE X408-2 (6GK5408-2FD00-2AA2), SCALANCE XF204 (6GK5204-0BA00-2AF2), SCALANCE XF204-2 (6GK5204-2BC00-2AF2), SCALANCE XF206-1 (6GK5206-1BC00-2AF2), SCALANCE XF208 (6GK5208-0BA00-2AF2), SCALANCE XM408-4C (6GK5408-4GP00-2AM2), SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2), SCALANCE XM408-8C (6GK5408-8GS00-2AM2), SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2), SCALANCE XM416-4C (6GK5416-4GS00-2AM2), SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2), SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2), SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2), SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2), SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2), SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2), SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2), SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2), SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2), SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2), SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2), SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2), SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2), SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2), SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2), SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2), SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2), SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2), SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2), SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2), SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2), SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2), SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2), SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2), SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2), SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2), SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2), SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2), SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2), SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2), SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2), SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2), SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2), SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2), SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2), SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2), SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2), SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2), SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2), SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2), SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2), SCALANCE XR528-6M (6GK5528-0AA00-2AR2), SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2), SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2), SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2), SCALANCE XR552-12M (6GK5552-0AA00-2AR2), SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2), SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2), SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2), SIMATIC CFU DIQ (6ES7655-5PX31-1XX0), SIMATIC CFU PA (6ES7655-5PX11-0XX0), SIMATIC CFU PA (6ES7655-5PX11-1XX0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0), SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0), SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0), SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0), SIMATIC ET 200SP HA IM155-6 PN, SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0), SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0), SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0), SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0), SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0), SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0), SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0), SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0), SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0), SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMIT UNIT V10, SIMIT UNIT V11, SINAMICS CBE20, SINAMICS G115D, SINAMICS G120 (incl. SIPLUS variants), SINAMICS G120C, SINAMICS G120D, SINAMICS G120X, SINAMICS G120XA, SINAMICS G130, SINAMICS G150, SINAMICS S110, SINAMICS S120 (incl. SIPLUS variants), SINAMICS S150, SINUMERIK 840D sl, SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS NET IE/PB link PN IO (6AG1411-5AB10-2AA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0), SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0), SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0), SITOP PSU8600 1AC 20 A/4x5 A PN (6EP3336-8MB00-2CY0), SITOP PSU8600 3AC 20 A PN (6EP3436-8SB00-2AY0), SITOP PSU8600 3AC 20 A/4x5 A PN (6EP3436-8MB00-2CY0), SITOP PSU8600 3AC 40 A PN (6EP3437-8SB00-2AY0), SITOP PSU8600 3AC 40 A/4x10 A PN (6EP3437-8MB00-2CY0), SITOP PSU8600 3AC 40 A/4x10A EIP (6EP3437-8MB10-2CY0), SITOP UPS1600 10 A Ethernet/ PROFINET (6EP4134-3AB00-2AY0), SITOP UPS1600 20 A Ethernet/ PROFINET (6EP4136-3AB00-2AY0), SITOP UPS1600 40 A Ethernet/ PROFINET (6EP4137-3AB00-2AY0), SITOP UPS1600 EX 20 A Ethernet PROFINET (6EP4136-3AC00-2AY0) Product Status: known_affected Remediations Mitigation As a mitigation, disable the ethernet ports on the CPU and use a communication module (like CP) for communication instead Mitigation Restrict access to the affected systems to trusted IP addresses only No fix planned Currently no fix is planned None available Currently no fix is available Vendor fix Update to V10.2 or later version https://support.industry.siemens.com/cs/ww/en/view/109773044/ Vendor fix Update to V2.0.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109781049/ Vendor fix Update to V2.0.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109754628/ Vendor fix Update to V3.2.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109992747/ Vendor fix Update to V6.6.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109996102/ Vendor fix Update to V8.3 or later version https://support.industry.siemens.com/cs/ww/en/view/109476571/ Vendor fix Update to V8.3 or later version https://support.industry.siemens.com/cs/ww/en/view/109989310/ Vendor fix Update to V1.3 or later version Vendor fix https://support.industry.siemens.com/cs/ww/en/view/1029552/ Relevant CWE: CWE-476 NULL Pointer Dereference Metrics CVSS Version Base Score Base Severity Vector String 3.1 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Acknowledgments Siemens ProductCERT reported this vulnerability to CISA. General Recommendations As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity Additional Resources For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories Terms of Use The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use. Legal Notice and Terms of Use This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy). Recommended Practices CISA recommends users take defensive measures to minimize the exploitation risk of these vulnerabilities. Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet. Locate control system networks and remote devices behind firewalls and isolate them from business networks. When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents. Advisory Conversion Disclaimer This ICSA is a verbatim republication of Siemens ProductCERT SSA-392349 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory. Revision History Initial Release Date: 2026-05-12 Date Revision Summary 2026-05-12 1 Publication Date 2026-05-14 2 Initial CISA Republication of Siemens ProductCERT SSA-392349 advisory Legal Notice and Terms of Use

Indicators of Compromise (21)

CVE (1)
CVE-2025-40833
NVDMITRE CVE
URL (15)
https://www.cve.org/CVERecord?id=CVE-2025-40833
VirusTotalURLhaus
https://support.industry.siemens.com/cs/ww/en/view/109773044/
VirusTotalURLhaus
https://support.industry.siemens.com/cs/ww/en/view/109781049/
VirusTotalURLhaus
https://support.industry.siemens.com/cs/ww/en/view/109754628/
VirusTotalURLhaus
https://support.industry.siemens.com/cs/ww/en/view/109992747/
VirusTotalURLhaus
https://support.industry.siemens.com/cs/ww/en/view/109996102/
VirusTotalURLhaus
https://support.industry.siemens.com/cs/ww/en/view/109476571/
VirusTotalURLhaus
https://support.industry.siemens.com/cs/ww/en/view/109989310/
VirusTotalURLhaus
https://support.industry.siemens.com/cs/ww/en/view/1029552/
VirusTotalURLhaus
https://cwe.mitre.org/data/definitions/476.html
VirusTotalURLhaus
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
VirusTotalURLhaus
https://www.siemens.com/cert/operational-guidelines-industrial-security),
VirusTotalURLhaus
https://www.siemens.com/industrialsecurity
VirusTotalURLhaus
https://www.siemens.com/cert/advisories
VirusTotalURLhaus
https://www.siemens.com/productcert/terms-of-use.
VirusTotalURLhaus
Domain (5)
www.cve.org
VirusTotalURLhaus
support.industry.siemens.com
VirusTotalURLhaus
cwe.mitre.org
VirusTotalURLhaus
www.first.org
VirusTotalURLhaus
www.siemens.com
VirusTotalURLhaus
Source Attribution

Originally published by CISA Advisories on May 14, 2026.

Related Threats

MEDIUMVulnerability

Colorado governor commutes prison sentence for election denier Tina Peters

Peters was sentenced to nine years for stealing voting data and has been publicly unrepentant. But Colorado Governor Jared Polis has been hinting at the decision for months. The post Colorado governor commutes prison sentence for election denier Tina Peters appeared first on CyberScoop .

CyberScoop
MEDIUMVulnerability

More than $10 million stolen from crypto platform THORChain

THORChain officials said the investigation into the incident is ongoing but explained that one of their six vaults was compromised, leading to a loss of about $10.7 million.

The Record
CRITICALVulnerability

Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. [...]

BleepingComputer