CVE-2023-44321

Summary

Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again.

Affected Software

VendorProductVersion RangeStatus
SiemensRUGGEDCOM RM1224 LTE(4G) EU0 < V8.1affected
SiemensRUGGEDCOM RM1224 LTE(4G) NAM0 < V8.1affected
SiemensSCALANCE M804PB0 < V8.1affected
SiemensSCALANCE M812-1 ADSL-Router family0 < V8.1affected
SiemensSCALANCE M816-1 ADSL-Router family0 < V8.1affected
SiemensSCALANCE M826-2 SHDSL-Router0 < V8.1affected
SiemensSCALANCE M874-20 < V8.1affected
SiemensSCALANCE M874-30 < V8.1affected
SiemensSCALANCE M874-3 3G-Router (CN)0 < V8.1affected
SiemensSCALANCE M876-30 < V8.1affected
SiemensSCALANCE M876-3 (ROK)0 < V8.1affected
SiemensSCALANCE M876-40 < V8.1affected
SiemensSCALANCE M876-4 (EU)0 < V8.1affected
SiemensSCALANCE M876-4 (NAM)0 < V8.1affected
SiemensSCALANCE MUM853-1 (A1)0 < V8.1affected
SiemensSCALANCE MUM853-1 (B1)0 < V8.1affected
SiemensSCALANCE MUM853-1 (EU)0 < V8.1affected
SiemensSCALANCE MUM856-1 (A1)0 < V8.1affected
SiemensSCALANCE MUM856-1 (B1)0 < V8.1affected
SiemensSCALANCE MUM856-1 (CN)0 < V8.1affected
SiemensSCALANCE MUM856-1 (EU)0 < V8.1affected
SiemensSCALANCE MUM856-1 (RoW)0 < V8.1affected
SiemensSCALANCE S615 EEC LAN-Router0 < V8.1affected
SiemensSCALANCE S615 LAN-Router0 < V8.1affected
SiemensSCALANCE XB205-3 (SC, PN)0 < V4.6affected
SiemensSCALANCE XB205-3 (ST, E/IP)0 < V4.6affected
SiemensSCALANCE XB205-3 (ST, E/IP)0 < V4.6affected
SiemensSCALANCE XB205-3 (ST, PN)0 < V4.6affected
SiemensSCALANCE XB205-3LD (SC, E/IP)0 < V4.6affected
SiemensSCALANCE XB205-3LD (SC, PN)0 < V4.6affected
SiemensSCALANCE XB206-2 (SC)0 < V4.6affected
SiemensSCALANCE XB206-2 (ST/BFOC)0 < V4.6affected
SiemensSCALANCE XB206-2 LD0 < V4.6affected
SiemensSCALANCE XB206-2 SC0 < V4.6affected
SiemensSCALANCE XB206-2 ST0 < V4.6affected
SiemensSCALANCE XB206-2LD0 < V4.6affected
SiemensSCALANCE XB208 (E/IP)0 < V4.6affected
SiemensSCALANCE XB208 (PN)0 < V4.6affected
SiemensSCALANCE XB213-3 (SC, E/IP)0 < V4.6affected
SiemensSCALANCE XB213-3 (SC, PN)0 < V4.6affected
SiemensSCALANCE XB213-3 (ST, E/IP)0 < V4.6affected
SiemensSCALANCE XB213-3 (ST, PN)0 < V4.6affected
SiemensSCALANCE XB213-3LD (SC, E/IP)0 < V4.6affected
SiemensSCALANCE XB213-3LD (SC, PN)0 < V4.6affected
SiemensSCALANCE XB216 (E/IP)0 < V4.6affected
SiemensSCALANCE XB216 (PN)0 < V4.6affected
SiemensSCALANCE XC206-2 (SC)0 < V4.6affected
SiemensSCALANCE XC206-2 (ST/BFOC)0 < V4.6affected
SiemensSCALANCE XC206-2G PoE0 < V4.6affected
SiemensSCALANCE XC206-2G PoE (54 V DC)0 < V4.6affected
SiemensSCALANCE XC206-2G PoE EEC (54 V DC)0 < V4.6affected
SiemensSCALANCE XC206-2SFP0 < V4.6affected
SiemensSCALANCE XC206-2SFP EEC0 < V4.6affected
SiemensSCALANCE XC206-2SFP G0 < V4.6affected
SiemensSCALANCE XC206-2SFP G (EIP DEF.)0 < V4.6affected
SiemensSCALANCE XC206-2SFP G EEC0 < V4.6affected
SiemensSCALANCE XC2080 < V4.6affected
SiemensSCALANCE XC208EEC0 < V4.6affected
SiemensSCALANCE XC208G0 < V4.6affected
SiemensSCALANCE XC208G (EIP def.)0 < V4.6affected
SiemensSCALANCE XC208G EEC0 < V4.6affected
SiemensSCALANCE XC208G PoE0 < V4.6affected
SiemensSCALANCE XC208G PoE (54 V DC)0 < V4.6affected
SiemensSCALANCE XC2160 < V4.6affected
SiemensSCALANCE XC216-3G PoE0 < V4.6affected
SiemensSCALANCE XC216-3G PoE (54 V DC)0 < V4.6affected
SiemensSCALANCE XC216-4C0 < V4.6affected
SiemensSCALANCE XC216-4C G0 < V4.6affected
SiemensSCALANCE XC216-4C G (EIP Def.)0 < V4.6affected
SiemensSCALANCE XC216-4C G EEC0 < V4.6affected
SiemensSCALANCE XC216EEC0 < V4.6affected
SiemensSCALANCE XC2240 < V4.6affected
SiemensSCALANCE XC224-4C G0 < V4.6affected
SiemensSCALANCE XC224-4C G (EIP Def.)0 < V4.6affected
SiemensSCALANCE XC224-4C G EEC0 < V4.6affected
SiemensSCALANCE XF2040 < V4.6affected
SiemensSCALANCE XF204 DNA0 < V4.6affected
SiemensSCALANCE XF204-2BA0 < V4.6affected
SiemensSCALANCE XF204-2BA DNA0 < V4.6affected
SiemensSCALANCE XF204G0 < V4.6affected
SiemensSCALANCE XP2080 < V4.6affected
SiemensSCALANCE XP2080 < V4.6affected
SiemensSCALANCE XP208 (Ethernet/IP)0 < V4.6affected
SiemensSCALANCE XP208EEC0 < V4.6affected
SiemensSCALANCE XP208EEC0 < V4.6affected
SiemensSCALANCE XP208G0 < V4.6affected
SiemensSCALANCE XP208G EEC0 < V4.6affected
SiemensSCALANCE XP208G PoE EEC0 < V4.6affected
SiemensSCALANCE XP208G PP0 < V4.6affected
SiemensSCALANCE XP208PoE EEC0 < V4.6affected
SiemensSCALANCE XP208PoE EEC0 < V4.6affected
SiemensSCALANCE XP2160 < V4.6affected
SiemensSCALANCE XP216 (Ethernet/IP)0 < V4.6affected
SiemensSCALANCE XP216 (V2)0 < V4.6affected
SiemensSCALANCE XP216EEC0 < V4.6affected
SiemensSCALANCE XP216EEC (V2)0 < V4.6affected
SiemensSCALANCE XP216G0 < V4.6affected
SiemensSCALANCE XP216G EEC0 < V4.6affected
SiemensSCALANCE XP216G PoE EEC0 < V4.6affected
SiemensSCALANCE XP216POE EEC0 < V4.6affected
SiemensSCALANCE XP216PoE EEC (V2)0 < V4.6affected
SiemensSCALANCE XR324WG (24 x FE, AC 230V)0 < V4.6affected
SiemensSCALANCE XR324WG (24 X FE, DC 24V)0 < V4.6affected
SiemensSCALANCE XR326-2C PoE WG0 < V4.6affected
SiemensSCALANCE XR326-2C PoE WG (without UL)0 < V4.6affected
SiemensSCALANCE XR328-4C WG (24XFE, 4XGE, 24V)0 < V4.6affected
SiemensSCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)0 < V4.6affected
SiemensSCALANCE XR328-4C WG (24xFE,4xGE,AC230V)0 < V4.6affected
SiemensSCALANCE XR328-4C WG (24xFE,4xGE,AC230V)0 < V4.6affected
SiemensSCALANCE XR328-4C WG (28xGE, AC 230V)0 < V4.6affected
SiemensSCALANCE XR328-4C WG (28xGE, DC 24V)0 < V4.6affected
SiemensSIPLUS NET SCALANCE XC206-20 < V4.6affected
SiemensSIPLUS NET SCALANCE XC206-2SFP0 < V4.6affected
SiemensSIPLUS NET SCALANCE XC2080 < V4.6affected
SiemensSIPLUS NET SCALANCE XC216-4C0 < V4.6affected

Weaknesses

  • CWE-400: CWE-400: Uncontrolled Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References