CVE-2023-44321

Description

Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface, allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again.

Category

CVSS: 5.1
Severity: Medium
EPSS: 0.06%
Vendor Advisory: siemens.com
Affected: Siemens RUGGEDCOM RM1224 LTE(4G) EU
Affected: Siemens RUGGEDCOM RM1224 LTE(4G) NAM
Affected: Siemens SCALANCE M804PB
Affected: Siemens SCALANCE M812-1 ADSL-Router family
Affected: Siemens SCALANCE M816-1 ADSL-Router family
Affected: Siemens SCALANCE M826-2 SHDSL-Router
Affected: Siemens SCALANCE M874-2
Affected: Siemens SCALANCE M874-3
Affected: Siemens SCALANCE M874-3 3G-Router (CN)
Affected: Siemens SCALANCE M876-3
Affected: Siemens SCALANCE M876-3 (ROK)
Affected: Siemens SCALANCE M876-4
Affected: Siemens SCALANCE M876-4 (EU)
Affected: Siemens SCALANCE M876-4 (NAM)
Affected: Siemens SCALANCE MUM853-1 (A1)
Affected: Siemens SCALANCE MUM853-1 (B1)
Affected: Siemens SCALANCE MUM853-1 (EU)
Affected: Siemens SCALANCE MUM856-1 (A1)
Affected: Siemens SCALANCE MUM856-1 (B1)
Affected: Siemens SCALANCE MUM856-1 (CN)
Affected: Siemens SCALANCE MUM856-1 (EU)
Affected: Siemens SCALANCE MUM856-1 (RoW)
Affected: Siemens SCALANCE S615 EEC LAN-Router
Affected: Siemens SCALANCE S615 LAN-Router
Affected: Siemens SCALANCE XB205-3 (SC, PN)
Affected: Siemens SCALANCE XB205-3 (ST, E/IP)
Affected: Siemens SCALANCE XB205-3 (ST, PN)
Affected: Siemens SCALANCE XB205-3LD (SC, E/IP)
Affected: Siemens SCALANCE XB205-3LD (SC, PN)
Affected: Siemens SCALANCE XB206-2 (SC)
Affected: Siemens SCALANCE XB206-2 (ST/BFOC)
Affected: Siemens SCALANCE XB206-2 LD
Affected: Siemens SCALANCE XB206-2 SC
Affected: Siemens SCALANCE XB206-2 ST
Affected: Siemens SCALANCE XB206-2LD
Affected: Siemens SCALANCE XB208 (E/IP)
Affected: Siemens SCALANCE XB208 (PN)
Affected: Siemens SCALANCE XB213-3 (SC, E/IP)
Affected: Siemens SCALANCE XB213-3 (SC, PN)
Affected: Siemens SCALANCE XB213-3 (ST, E/IP)
Affected: Siemens SCALANCE XB213-3 (ST, PN)
Affected: Siemens SCALANCE XB213-3LD (SC, E/IP)
Affected: Siemens SCALANCE XB213-3LD (SC, PN)
Affected: Siemens SCALANCE XB216 (E/IP)
Affected: Siemens SCALANCE XB216 (PN)
Affected: Siemens SCALANCE XC206-2 (SC)
Affected: Siemens SCALANCE XC206-2 (ST/BFOC)
Affected: Siemens SCALANCE XC206-2G PoE
Affected: Siemens SCALANCE XC206-2G PoE (54 V DC)
Affected: Siemens SCALANCE XC206-2G PoE EEC (54 V DC)
Affected: Siemens SCALANCE XC206-2SFP
Affected: Siemens SCALANCE XC206-2SFP EEC
Affected: Siemens SCALANCE XC206-2SFP G
Affected: Siemens SCALANCE XC206-2SFP G (EIP DEF.)
Affected: Siemens SCALANCE XC206-2SFP G EEC
Affected: Siemens SCALANCE XC208
Affected: Siemens SCALANCE XC208EEC
Affected: Siemens SCALANCE XC208G
Affected: Siemens SCALANCE XC208G (EIP def.)
Affected: Siemens SCALANCE XC208G EEC
Affected: Siemens SCALANCE XC208G PoE
Affected: Siemens SCALANCE XC208G PoE (54 V DC)
Affected: Siemens SCALANCE XC216
Affected: Siemens SCALANCE XC216-3G PoE
Affected: Siemens SCALANCE XC216-3G PoE (54 V DC)
Affected: Siemens SCALANCE XC216-4C
Affected: Siemens SCALANCE XC216-4C G
Affected: Siemens SCALANCE XC216-4C G (EIP Def.)
Affected: Siemens SCALANCE XC216-4C G EEC
Affected: Siemens SCALANCE XC216EEC
Affected: Siemens SCALANCE XC224
Affected: Siemens SCALANCE XC224-4C G
Affected: Siemens SCALANCE XC224-4C G (EIP Def.)
Affected: Siemens SCALANCE XC224-4C G EEC
Affected: Siemens SCALANCE XF204
Affected: Siemens SCALANCE XF204 DNA
Affected: Siemens SCALANCE XF204-2BA
Affected: Siemens SCALANCE XF204-2BA DNA
Affected: Siemens SCALANCE XF204G
Affected: Siemens SCALANCE XP208
Affected: Siemens SCALANCE XP208 (Ethernet/IP)
Affected: Siemens SCALANCE XP208EEC
Affected: Siemens SCALANCE XP208G
Affected: Siemens SCALANCE XP208G EEC
Affected: Siemens SCALANCE XP208G PoE EEC
Affected: Siemens SCALANCE XP208G PP
Affected: Siemens SCALANCE XP208PoE EEC
Affected: Siemens SCALANCE XP216
Affected: Siemens SCALANCE XP216 (Ethernet/IP)
Affected: Siemens SCALANCE XP216 (V2)
Affected: Siemens SCALANCE XP216EEC
Affected: Siemens SCALANCE XP216EEC (V2)
Affected: Siemens SCALANCE XP216G
Affected: Siemens SCALANCE XP216G EEC
Affected: Siemens SCALANCE XP216G PoE EEC
Affected: Siemens SCALANCE XP216POE EEC
Affected: Siemens SCALANCE XP216PoE EEC (V2)
Affected: Siemens SCALANCE XR324WG (24 x FE, AC 230V)
Affected: Siemens SCALANCE XR324WG (24 X FE, DC 24V)
Affected: Siemens SCALANCE XR326-2C PoE WG
Affected: Siemens SCALANCE XR326-2C PoE WG (without UL)
Affected: Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)
Affected: Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)
Affected: Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)
Affected: Siemens SCALANCE XR328-4C WG (28xGE, AC 230V)
Affected: Siemens SCALANCE XR328-4C WG (28xGE, DC 24V)
Affected: Siemens SIPLUS NET SCALANCE XC206-2
Affected: Siemens SIPLUS NET SCALANCE XC206-2SFP
Affected: Siemens SIPLUS NET SCALANCE XC208
Affected: Siemens SIPLUS NET SCALANCE XC216-4C
Published at:
Updated at:

References

Frequently Asked Questions

What is the severity of CVE-2023-44321?
CVE-2023-44321 has been scored as a medium severity vulnerability.
How to fix CVE-2023-44321?
To fix CVE-2023-44321, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. At present, no other specific guidelines are available.
Is CVE-2023-44321 being actively exploited in the wild?
At present, there is no information to confirm that CVE-2023-44321 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-44321?
CVE-2023-44321 affects the Siemens RUGGEDCOM RM1224, SCALANCE (M, MUM, S615, XB, XC, XF, XP and XR series) and SIPLUS NET SCALANCE devices listed individually in the "Affected:" entries above.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.