PatchSiren cyber security CVE debrief
CVE-2024-4603 Siemens CVE debrief
CVE-2024-4603 is an availability issue tied to slow DSA parameter/public key validation in OpenSSL. Siemens’ advisory maps the issue to 19 SCALANCE W700 wireless models and recommends upgrading affected devices to firmware V3.0.0 or later.
- Vendor: Siemens
- Product: SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-11-12
- Original CVE updated: 2025-05-06
- Advisory published: 2024-11-12
- Advisory updated: 2025-05-06
Who should care
Industrial control and OT teams running Siemens SCALANCE WAB/WAM/WUB/WUM W700 devices, especially administrators responsible for firmware maintenance, device hardening, and exposure of management or certificate-handling workflows.
Technical summary
The underlying issue is that EVP_PKEY_param_check() and EVP_PKEY_public_check() can take excessive time when validating DSA parameters with very large modulus values. If an application feeds untrusted DSA keys or parameters into those checks, an attacker may be able to trigger a denial of service through resource exhaustion. The source notes that OpenSSL’s SSL/TLS implementation is not affected on untrusted DSA keys, while the OpenSSL 3.0 and 3.1 FIPS providers are affected; Siemens lists 19 SCALANCE W700 product variants as affected and provides a firmware fix path.
Defensive priority
Medium
Recommended defensive actions
- Update affected Siemens SCALANCE W700 devices to V3.0.0 or later.
- Inventory the 19 affected SCALANCE product variants and confirm current firmware versions.
- Review any application or integration that performs direct DSA parameter/public key checks on untrusted input.
- Limit exposure of device management and trust-related interfaces to trusted networks and administrators.
- Follow CISA ICS recommended practices for segmentation, access control, and monitoring.
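The review step above (a cheap bound on untrusted DSA parameters before the expensive EVP_PKEY_param_check()-style validation described in the technical summary), as an added example that is not Siemens' or OpenSSL's code; the caps, the constructed inputs and the Miller-Rabin stand-in for the costly check are assumptions:

```python
# Added example (not Siemens or OpenSSL code): a cheap size gate in front of the
# expensive DSA parameter checks; 10000 bits mirrors OPENSSL_DSA_MAX_MODULUS_BITS.
import random
MAX_P_BITS = 10000                 # assumed cap, taken from OpenSSL's dsa.h
ALLOWED_Q_BITS = (160, 224, 256)   # FIPS 186-4 subgroup sizes

def size_gate(p, q, g, *, max_p_bits=MAX_P_BITS, q_bits=ALLOWED_Q_BITS):
    """Cheap structural checks on untrusted (p, q, g); returns (ok, reason)."""
    pb = p.bit_length()
    if pb > max_p_bits:                    # the CVE-2024-4603 lever: a huge p
        return False, f"p is {pb} bits, over cap {max_p_bits}"
    if q.bit_length() not in q_bits:
        return False, f"q is {q.bit_length()} bits"
    if not (1 < g < p and 1 < q < p) or p % 2 == 0 or q % 2 == 0:
        return False, "g/q out of range or p/q even"
    if (p - 1) % q:
        return False, "q does not divide p-1"
    return True, "ok"

def is_probable_prime(n, rounds=8, rng=random.Random(7)):
    """Miller-Rabin; cost grows about cubically with bit_length(n)."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def check_untrusted_params(p, q, g, **gate_opts):
    """Gate first; only then pay for prime q, prime p and the order of g."""
    ok, reason = size_gate(p, q, g, **gate_opts)
    if not ok:
        return False, reason
    if not is_probable_prime(q):
        return False, "q not prime"
    if not is_probable_prime(p):
        return False, "p not prime"
    if pow(g, q, p) != 1:
        return False, "g has wrong order"
    return True, "ok"
```

The oversized-modulus case returns from the gate without touching the primality test, which is the behaviour the firmware fix restores for the device-side checks.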
Evidence notes
CISA’s CSAF advisory ICSA-25-044-09 was published on 2025-02-11 and revised on 2025-05-06 for typo fixes only. The advisory lists 19 affected Siemens SCALANCE W700 product variants and recommends updating to V3.0.0 or later. The CVE description states the impact is denial of service from slow DSA parameter/public key checks when very large modulus values are processed from untrusted sources. The advisory text also states that OpenSSL’s SSL/TLS implementation is not affected, and that the OpenSSL 3.0 and 3.1 FIPS providers are affected.
Official resources
- CVE-2024-4603 CVE record (CVE.org)
- CVE-2024-4603 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed by CISA on 2025-02-11 in ICSA-25-044-09; the advisory was revised on 2025-05-06 for typo fixes only.