A high-risk vulnerability has been identified in Siemens SCALANCE W700 802.11 AX Family devices, specifically affecting versions prior to V2.4.0. This vulnerability, classified as a “Improper Neutralization of Special Elements in Output Used by a Downstream Component” or injection vulnerability (CWE-74), allows authenticated remote attackers with administrative privileges to inject malicious code or spawn a system root shell. The issue arises due to improper input sanitization, making it possible for attackers to exploit this flaw to gain control over the affected systems.
The affected products include various models in the SCALANCE W700 802.11 AX Family, such as the WAB762-1, WAM763-1, and WUM766-1, among others. All versions prior to V2.4.0 are vulnerable. Siemens has assigned CVE-2023-44373 to this issue, with a CVSS v4 score of 9.4, indicating a high severity. This vulnerability is exploitable remotely and has low attack complexity, making it a critical concern for organizations relying on these devices, particularly in sectors such as energy, chemical, and critical manufacturing.
To mitigate the risk, Siemens has released an updated version (V2.4.0) for all affected SCALANCE W700 devices. Siemens strongly advises users to upgrade to this new version to protect against potential exploits. As a general security measure, Siemens recommends securing network access to these devices and configuring them in accordance with industrial security guidelines. Users are urged to avoid opening untrusted files or connections and to apply strong security measures for network protection.
CISA has issued specific recommendations to minimize the exposure of control systems, such as isolating devices from the internet, using firewalls, and employing secure remote access methods like VPNs. The agency also emphasizes the importance of performing risk assessments before implementing any security measures. While no known public exploitation has been reported, organizations should remain vigilant and report any suspicious activity to CISA for tracking and mitigation.
Reference:
