CVE-2023-44321

Description

Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again.

Category

5.1
CVSS
Severity: Medium
CVSS 4.0 •
CVSS 3.1 •
EPSS 0.06%
Vendor Advisory siemens.com
Affected: Siemens RUGGEDCOM RM1224 LTE(4G) EU
Affected: Siemens RUGGEDCOM RM1224 LTE(4G) NAM
Affected: Siemens SCALANCE M804PB
Affected: Siemens SCALANCE M812-1 ADSL-Router family
Affected: Siemens SCALANCE M816-1 ADSL-Router family
Affected: Siemens SCALANCE M826-2 SHDSL-Router
Affected: Siemens SCALANCE M874-2
Affected: Siemens SCALANCE M874-3
Affected: Siemens SCALANCE M874-3 3G-Router (CN)
Affected: Siemens SCALANCE M876-3
Affected: Siemens SCALANCE M876-3 (ROK)
Affected: Siemens SCALANCE M876-4
Affected: Siemens SCALANCE M876-4 (EU)
Affected: Siemens SCALANCE M876-4 (NAM)
Affected: Siemens SCALANCE MUM853-1 (A1)
Affected: Siemens SCALANCE MUM853-1 (B1)
Affected: Siemens SCALANCE MUM853-1 (EU)
Affected: Siemens SCALANCE MUM856-1 (A1)
Affected: Siemens SCALANCE MUM856-1 (B1)
Affected: Siemens SCALANCE MUM856-1 (CN)
Affected: Siemens SCALANCE MUM856-1 (EU)
Affected: Siemens SCALANCE MUM856-1 (RoW)
Affected: Siemens SCALANCE S615 EEC LAN-Router
Affected: Siemens SCALANCE S615 LAN-Router
Affected: Siemens SCALANCE XB205-3 (SC, PN)
Affected: Siemens SCALANCE XB205-3 (ST, E/IP)
Affected: Siemens SCALANCE XB205-3 (ST, E/IP)
Affected: Siemens SCALANCE XB205-3 (ST, PN)
Affected: Siemens SCALANCE XB205-3LD (SC, E/IP)
Affected: Siemens SCALANCE XB205-3LD (SC, PN)
Affected: Siemens SCALANCE XB208 (E/IP)
Affected: Siemens SCALANCE XB208 (PN)
Affected: Siemens SCALANCE XB213-3 (SC, E/IP)
Affected: Siemens SCALANCE XB213-3 (SC, PN)
Affected: Siemens SCALANCE XB213-3 (ST, E/IP)
Affected: Siemens SCALANCE XB213-3 (ST, PN)
Affected: Siemens SCALANCE XB213-3LD (SC, E/IP)
Affected: Siemens SCALANCE XB213-3LD (SC, PN)
Affected: Siemens SCALANCE XB216 (E/IP)
Affected: Siemens SCALANCE XB216 (PN)
Affected: Siemens SCALANCE XC206-2 (SC)
Affected: Siemens SCALANCE XC206-2 (ST/BFOC)
Affected: Siemens SCALANCE XC206-2G PoE
Affected: Siemens SCALANCE XC206-2G PoE (54 V DC)
Affected: Siemens SCALANCE XC206-2G PoE EEC (54 V DC)
Affected: Siemens SCALANCE XC206-2SFP
Affected: Siemens SCALANCE XC206-2SFP EEC
Affected: Siemens SCALANCE XC206-2SFP G
Affected: Siemens SCALANCE XC206-2SFP G (EIP DEF.)
Affected: Siemens SCALANCE XC206-2SFP G EEC
Affected: Siemens SCALANCE XC208
Affected: Siemens SCALANCE XC208EEC
Affected: Siemens SCALANCE XC208G
Affected: Siemens SCALANCE XC208G (EIP def.)
Affected: Siemens SCALANCE XC208G EEC
Affected: Siemens SCALANCE XC208G PoE
Affected: Siemens SCALANCE XC208G PoE (54 V DC)
Affected: Siemens SCALANCE XC216
Affected: Siemens SCALANCE XC216-3G PoE
Affected: Siemens SCALANCE XC216-3G PoE (54 V DC)
Affected: Siemens SCALANCE XC216-4C
Affected: Siemens SCALANCE XC216-4C G
Affected: Siemens SCALANCE XC216-4C G (EIP Def.)
Affected: Siemens SCALANCE XC216-4C G EEC
Affected: Siemens SCALANCE XC216EEC
Affected: Siemens SCALANCE XC224
Affected: Siemens SCALANCE XC224-4C G
Affected: Siemens SCALANCE XC224-4C G (EIP Def.)
Affected: Siemens SCALANCE XC224-4C G EEC
Affected: Siemens SCALANCE XF204
Affected: Siemens SCALANCE XF204 DNA
Affected: Siemens SCALANCE XF204-2BA
Affected: Siemens SCALANCE XF204-2BA DNA
Affected: Siemens SCALANCE XP208
Affected: Siemens SCALANCE XP208 (Ethernet/IP)
Affected: Siemens SCALANCE XP208EEC
Affected: Siemens SCALANCE XP208PoE EEC
Affected: Siemens SCALANCE XP216
Affected: Siemens SCALANCE XP216 (Ethernet/IP)
Affected: Siemens SCALANCE XP216EEC
Affected: Siemens SCALANCE XP216POE EEC
Affected: Siemens SCALANCE XR324WG (24 x FE, AC 230V)
Affected: Siemens SCALANCE XR324WG (24 X FE, DC 24V)
Affected: Siemens SCALANCE XR326-2C PoE WG
Affected: Siemens SCALANCE XR326-2C PoE WG (without UL)
Affected: Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)
Affected: Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)
Affected: Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)
Affected: Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)
Affected: Siemens SCALANCE XR328-4C WG (28xGE, AC 230V)
Affected: Siemens SCALANCE XR328-4C WG (28xGE, DC 24V)
Affected: Siemens SIPLUS NET SCALANCE XC206-2
Affected: Siemens SIPLUS NET SCALANCE XC206-2SFP
Affected: Siemens SIPLUS NET SCALANCE XC208
Affected: Siemens SIPLUS NET SCALANCE XC216-4C
Published at:
Updated at:

References

Link Tags
https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf vendor advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf
https://cert-portal.siemens.com/productcert/html/ssa-699386.html
https://cert-portal.siemens.com/productcert/html/ssa-180704.html
https://cert-portal.siemens.com/productcert/html/ssa-602936.html
https://cert-portal.siemens.com/productcert/html/ssa-353002.html
https://cert-portal.siemens.com/productcert/html/ssa-087301.html

Frequently Asked Questions

What is the severity of CVE-2023-44321?
CVE-2023-44321 has been scored as a medium severity vulnerability.
How to fix CVE-2023-44321?
To fix CVE-2023-44321, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-44321 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-44321 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-44321?
CVE-2023-44321 affects Siemens RUGGEDCOM RM1224 LTE(4G) EU, Siemens RUGGEDCOM RM1224 LTE(4G) NAM, Siemens SCALANCE M804PB, Siemens SCALANCE M812-1 ADSL-Router family, Siemens SCALANCE M816-1 ADSL-Router family, Siemens SCALANCE M826-2 SHDSL-Router, Siemens SCALANCE M874-2, Siemens SCALANCE M874-3, Siemens SCALANCE M874-3 3G-Router (CN), Siemens SCALANCE M876-3, Siemens SCALANCE M876-3 (ROK), Siemens SCALANCE M876-4, Siemens SCALANCE M876-4 (EU), Siemens SCALANCE M876-4 (NAM), Siemens SCALANCE MUM853-1 (A1), Siemens SCALANCE MUM853-1 (B1), Siemens SCALANCE MUM853-1 (EU), Siemens SCALANCE MUM856-1 (A1), Siemens SCALANCE MUM856-1 (B1), Siemens SCALANCE MUM856-1 (CN), Siemens SCALANCE MUM856-1 (EU), Siemens SCALANCE MUM856-1 (RoW), Siemens SCALANCE S615 EEC LAN-Router, Siemens SCALANCE S615 LAN-Router, Siemens SCALANCE XB205-3 (SC, PN), Siemens SCALANCE XB205-3 (ST, E/IP), Siemens SCALANCE XB205-3 (ST, E/IP), Siemens SCALANCE XB205-3 (ST, PN), Siemens SCALANCE XB205-3LD (SC, E/IP), Siemens SCALANCE XB205-3LD (SC, PN), Siemens SCALANCE XB208 (E/IP), Siemens SCALANCE XB208 (PN), Siemens SCALANCE XB213-3 (SC, E/IP), Siemens SCALANCE XB213-3 (SC, PN), Siemens SCALANCE XB213-3 (ST, E/IP), Siemens SCALANCE XB213-3 (ST, PN), Siemens SCALANCE XB213-3LD (SC, E/IP), Siemens SCALANCE XB213-3LD (SC, PN), Siemens SCALANCE XB216 (E/IP), Siemens SCALANCE XB216 (PN), Siemens SCALANCE XC206-2 (SC), Siemens SCALANCE XC206-2 (ST/BFOC), Siemens SCALANCE XC206-2G PoE, Siemens SCALANCE XC206-2G PoE (54 V DC), Siemens SCALANCE XC206-2G PoE EEC (54 V DC), Siemens SCALANCE XC206-2SFP, Siemens SCALANCE XC206-2SFP EEC, Siemens SCALANCE XC206-2SFP G, Siemens SCALANCE XC206-2SFP G (EIP DEF.), Siemens SCALANCE XC206-2SFP G EEC, Siemens SCALANCE XC208, Siemens SCALANCE XC208EEC, Siemens SCALANCE XC208G, Siemens SCALANCE XC208G (EIP def.), Siemens SCALANCE XC208G EEC, Siemens SCALANCE XC208G PoE, Siemens SCALANCE XC208G PoE (54 V DC), Siemens SCALANCE XC216, Siemens SCALANCE XC216-3G PoE, Siemens SCALANCE XC216-3G PoE (54 V DC), Siemens SCALANCE XC216-4C, Siemens SCALANCE XC216-4C G, Siemens SCALANCE XC216-4C G (EIP Def.), Siemens SCALANCE XC216-4C G EEC, Siemens SCALANCE XC216EEC, Siemens SCALANCE XC224, Siemens SCALANCE XC224-4C G, Siemens SCALANCE XC224-4C G (EIP Def.), Siemens SCALANCE XC224-4C G EEC, Siemens SCALANCE XF204, Siemens SCALANCE XF204 DNA, Siemens SCALANCE XF204-2BA, Siemens SCALANCE XF204-2BA DNA, Siemens SCALANCE XP208, Siemens SCALANCE XP208 (Ethernet/IP), Siemens SCALANCE XP208EEC, Siemens SCALANCE XP208PoE EEC, Siemens SCALANCE XP216, Siemens SCALANCE XP216 (Ethernet/IP), Siemens SCALANCE XP216EEC, Siemens SCALANCE XP216POE EEC, Siemens SCALANCE XR324WG (24 x FE, AC 230V), Siemens SCALANCE XR324WG (24 X FE, DC 24V), Siemens SCALANCE XR326-2C PoE WG, Siemens SCALANCE XR326-2C PoE WG (without UL), Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), Siemens SCALANCE XR328-4C WG (28xGE, AC 230V), Siemens SCALANCE XR328-4C WG (28xGE, DC 24V), Siemens SIPLUS NET SCALANCE XC206-2, Siemens SIPLUS NET SCALANCE XC206-2SFP, Siemens SIPLUS NET SCALANCE XC208, Siemens SIPLUS NET SCALANCE XC216-4C.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.