PatchSiren cyber security CVE debrief
CVE-2023-44317 Siemens CVE debrief
CVE-2023-44317 is a high-severity vulnerability in Siemens SCALANCE W700 series industrial wireless access points. The issue stems from improper validation of uploaded X.509 certificates, which could allow an attacker with administrative privileges to execute arbitrary code on affected devices. The vulnerability was published on June 11, 2024, and a vendor fix was added to the advisory on January 14, 2025. The CVSS v3.1 score of 7.2 reflects high impact on confidentiality, integrity, and availability, though the attack requires high privileges and network access. Nineteen product variants are affected, including SCALANCE WAB762-1, WAM763-1, WAM766-1, WUB762-1, and WUM763-1 series devices. Siemens has released firmware version 3.0.0 to address this vulnerability. Organizations should prioritize patching, restrict administrative access to trusted networks, and follow CISA's defense-in-depth guidance for industrial control systems.
- Vendor
- Siemens
- Product
- SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS
- HIGH 7.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-02-13
- Original CVE updated
- 2024-02-13
- Advisory published
- 2024-02-13
- Advisory updated
- 2024-02-13
Who should care
Industrial network administrators, OT security teams, and organizations deploying Siemens SCALANCE W700 wireless access points in manufacturing, critical infrastructure, or industrial environments should prioritize this vulnerability. The arbitrary code execution capability poses significant risk to network segmentation and operational technology security.
Technical summary
The vulnerability exists in the certificate upload functionality of SCALANCE W700 series firmware. Insufficient validation of X.509 certificate content allows a privileged attacker to supply malicious certificate data that results in code execution on the device. The attack vector is network-based, requires low attack complexity, and high privileges (administrative access), with no user interaction required. Successful exploitation grants complete control over the affected device (high impact to confidentiality, integrity, and availability).
Defensive priority
high
Recommended defensive actions
- Update affected SCALANCE W700 series devices to firmware version 3.0.0 or later
- Restrict administrative access to management interfaces using network segmentation and access control lists
- Monitor for unauthorized certificate uploads or configuration changes on affected devices
- Apply defense-in-depth strategies per CISA ICS recommended practices
- Verify firmware integrity through Siemens official support channels before deployment
Evidence notes
Vulnerability description and affected products confirmed via CISA CSAF advisory ICSA-24-165-12. Vendor fix (V3.0.0) added in advisory revision dated 2025-01-14. CVSS vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H sourced from CSAF data.
Official resources
-
CVE-2023-44317 CVE record
CVE.org
-
CVE-2023-44317 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-06-11