{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "SCALANCE M-800 and SC-600 families are affected by improper input validation in the OpenVPN authentication. \n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-280834: Improper OpenVPN Credential Validation Vulnerability in SCALANCE M-800 and SC-600 Families - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-280834.html"
      },
      {
        "category": "self",
        "summary": "SSA-280834: Improper OpenVPN Credential Validation Vulnerability in SCALANCE M-800 and SC-600 Families - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-280834.json"
      }
    ],
    "title": "SSA-280834: Improper OpenVPN Credential Validation Vulnerability in SCALANCE M-800 and SC-600 Families",
    "tracking": {
      "current_release_date": "2026-05-12T00:00:00.000Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-280834",
      "initial_release_date": "2025-03-11T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-03-11T00:00:00.000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2026-05-12T00:00:00.000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added fix for SCALANCE SC-600 family"
        }
      ],
      "status": "interim",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)",
                  "product_id": "1",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK6108-4AM00-2BA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)",
                  "product_id": "2",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK6108-4AM00-2DA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M804PB (6GK5804-0AP00-2AA2)",
                  "product_id": "3",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5804-0AP00-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M804PB (6GK5804-0AP00-2AA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M812-1 ADSL-Router family",
                  "product_id": "4"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M812-1 ADSL-Router family"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M816-1 ADSL-Router family",
                  "product_id": "5"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M816-1 ADSL-Router family"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)",
                  "product_id": "6",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5826-2AB00-2AB2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2)",
                  "product_id": "7",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5874-2AA00-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2)",
                  "product_id": "8",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5874-3AA00-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)",
                  "product_id": "9",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5874-3AA00-2FA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M876-3 (6GK5876-3AA02-2BA2)",
                  "product_id": "10",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5876-3AA02-2BA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M876-3 (6GK5876-3AA02-2BA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)",
                  "product_id": "11",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5876-3AA02-2EA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M876-4 (6GK5876-4AA10-2BA2)",
                  "product_id": "12",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5876-4AA10-2BA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M876-4 (6GK5876-4AA10-2BA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)",
                  "product_id": "13",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5876-4AA00-2BA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)",
                  "product_id": "14",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5876-4AA00-2DA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1)",
                  "product_id": "15",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5852-1EA10-1AA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1)",
                  "product_id": "16",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5852-1EA10-1BA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)",
                  "product_id": "17",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5853-2EA10-2AA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)",
                  "product_id": "18",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5853-2EA10-2BA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)",
                  "product_id": "19",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5853-2EA00-2DA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)",
                  "product_id": "20",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5856-2EA10-3AA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)",
                  "product_id": "21",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5856-2EA10-3BA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)",
                  "product_id": "22",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5856-2EA00-3FA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)",
                  "product_id": "23",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5856-2EA00-3DA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)",
                  "product_id": "24",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5856-2EA00-3AA1"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)",
                  "product_id": "25",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5615-0AA01-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<8.2.1",
                "product": {
                  "name": "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)",
                  "product_id": "26",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5615-0AA00-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<3.2",
                "product": {
                  "name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2)",
                  "product_id": "27",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5622-2GS00-2AC2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<3.2",
                "product": {
                  "name": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2)",
                  "product_id": "28",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5626-2GS00-2AC2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<3.2",
                "product": {
                  "name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2)",
                  "product_id": "29",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5632-2GS00-2AC2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<3.2",
                "product": {
                  "name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2)",
                  "product_id": "30",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5636-2GS00-2AC2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<3.2",
                "product": {
                  "name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2)",
                  "product_id": "31",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5642-2GS00-2AC2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/<3.2",
                "product": {
                  "name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2)",
                  "product_id": "32",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5646-2GS00-2AC2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-23384",
      "cwe": {
        "id": "CWE-187",
        "name": "Partial String Comparison"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Affected devices improperly validate usernames during OpenVPN authentication. This could allow an attacker to get partial invalid usernames accepted by the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Apply a strong password policy for your devices.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.2 or later version",
          "product_ids": [
            "27",
            "28",
            "29",
            "30",
            "31",
            "32"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110001886/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.2.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109983338/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32"
          ]
        }
      ],
      "title": "CVE-2025-23384"
    }
  ]
}