PatchSiren cyber security CVE debrief
CVE-2023-44322 Siemens CVE debrief
CVE-2023-44322 affects multiple Siemens SCALANCE W700 wireless devices that can be configured to send email notifications for device events. If the device receives an invalid SMTP server response, it can enter an error state that disrupts email sending. In practice, a network-accessible attacker could use this to suppress notifications about certain events. Siemens and CISA published the advisory on 2025-02-11 and later revised it on 2025-05-06 for typo fixes.
- Vendor
- Siemens
- Product
- SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS
- LOW 3.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-02-13
- Original CVE updated
- 2024-02-13
- Advisory published
- 2024-02-13
- Advisory updated
- 2024-02-13
Who should care
Operators and administrators of Siemens SCALANCE WAB/WAM/WUB/WUM wireless devices, especially environments that rely on email alerts for operational or safety monitoring. Network defenders should also care if the devices are exposed to untrusted network segments or if notification loss would delay response.
Technical summary
The issue is an availability problem in email-notification handling. Affected devices can be configured to send mail on certain events; when the SMTP server returns an invalid response, the device triggers an error that interrupts email sending. The supplied advisory states that an attacker with network access can leverage this behavior to disable user notifications for certain events. The CVSS vector reflects network attackability with low availability impact and no confidentiality or integrity impact (CVSS 3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
Defensive priority
Patch on a normal maintenance cycle, and move it higher if the device is used for critical alerts or is reachable from less-trusted networks. The impact is limited to notification disruption, but that can still affect operational response.
Recommended defensive actions
- Update affected devices to V3.0.0 or later, as directed by Siemens.
- Verify whether the device is configured to send email notifications and confirm that alerting still works after remediation.
- Restrict network access to management and SMTP-related paths so untrusted hosts cannot interact with the device unnecessarily.
- Monitor for failed or missing notification behavior and treat repeated SMTP errors as an operational warning sign.
- Use Siemens and CISA advisory references to validate affected product IDs and rollout guidance before scheduling changes.
Evidence notes
The source advisory describes a device error triggered by an invalid SMTP server response that disrupts email sending, and explicitly states that an attacker with network access can disable notifications. The advisory applies to 19 Siemens SCALANCE device variants and recommends updating to V3.0.0 or later. The provided CVSS vector is AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L, matching a low-severity availability issue. No KEV listing or ransomware association is present in the supplied corpus.
Official resources
-
CVE-2023-44322 CVE record
CVE.org
-
CVE-2023-44322 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed in the Siemens/CISA advisory on 2025-02-11; the advisory was revised on 2025-05-06 for typo fixes. Use the CVE published date for timing context, not later publication or review dates.