PatchSiren cyber security CVE debrief
CVE-2023-45853 Siemens CVE debrief
CVE-2023-45853 is a critical memory-corruption flaw tied to MiniZip in zlib through 1.3 and mapped by Siemens to multiple SCALANCE WAB/WAM/WUB/WUM devices. The issue is described as an integer overflow that can lead to a heap-based buffer overflow in zipOpenNewFileInZip4_64 when processing a long filename, comment, or extra field. Siemens’ advisory and the CISA CSAF record were published on 2025-02-11 and later revised on 2025-05-06 for typo fixes only. Siemens lists an update to V3.0.0 or later as the remediation for the affected product variants.
- Vendor
- Siemens
- Product
- SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-02-11
- Original CVE updated
- 2025-05-06
- Advisory published
- 2025-02-11
- Advisory updated
- 2025-05-06
Who should care
OT and industrial network operators using the listed Siemens SCALANCE devices, along with plant security teams, vulnerability management teams, and maintenance staff responsible for firmware/software updates and change control.
Technical summary
The underlying flaw is in MiniZip, described in the advisory as part of zlib through 1.3, where an integer overflow can trigger a heap-based buffer overflow in zipOpenNewFileInZip4_64 when a long filename, comment, or extra field is handled. The CISA CSAF advisory (ICSA-25-044-09) maps this issue to 19 Siemens SCALANCE product variants, including WAB762-1, WAM763-1, WAM766-1, WUB762-1, and WUM763-1/WUM766-1 models and regional variants. The CVSS vector is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), which is consistent with a high-severity, remotely reachable software flaw in the affected component set. Siemens’ listed fix is V3.0.0 or later.
Defensive priority
Urgent. Treat as a top-priority OT remediation item because the advisory rates the issue critical (CVSS 9.8) and Siemens provides a vendor fix for the affected SCALANCE product set.
Recommended defensive actions
- Update affected Siemens SCALANCE devices to V3.0.0 or later, following Siemens’ advisory guidance.
- Inventory all impacted SCALANCE model and part numbers to confirm whether any deployed assets match the 19 affected variants listed in the CSAF advisory.
- Plan updates through standard OT change windows and verify configuration/backup readiness before applying firmware or software changes.
- Restrict exposure of management interfaces and minimize unnecessary network access to affected industrial devices while remediation is underway.
- Use Siemens and CISA advisory references to verify product-specific applicability and any implementation notes before deployment.
- Apply established ICS defense-in-depth practices to reduce risk from other vulnerabilities and limit blast radius in case of compromise.
Evidence notes
The CISA CSAF source item for ICSA-25-044-09 and Siemens’ referenced advisory both identify CVE-2023-45853, publish date 2025-02-11, and revision 2 on 2025-05-06 with the note that the revision fixed typos. The source corpus lists 19 affected Siemens SCALANCE product variants and a remediation of V3.0.0 or later. The vulnerability description in the source explicitly states that MiniZip is not a supported part of the zlib product, which is important context for understanding component scope.
Official resources
-
CVE-2023-45853 CVE record
CVE.org
-
CVE-2023-45853 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed in Siemens advisory SSA-769027 and CISA ICS Advisory ICSA-25-044-09 on 2025-02-11; the source record was revised on 2025-05-06 for typo fixes only.