OTPulse
FeedAboutContact

ICSA-18-282-02 Siemens SCALANCE W1750D

Act Now5.9ICS-CERT ICSA-18-282-02Oct 9, 2018
Attack VectorNetwork
Auth RequiredNone
ComplexityHigh
User InteractionNone needed
Summary

The SCALANCE W1750D wireless access point contains an information disclosure vulnerability (CWE-203) in firmware versions before 8.3.0.1. The vulnerability allows an attacker with network access to the device's web interface to extract sensitive configuration data through timing or side-channel attacks, potentially revealing wireless security settings, authentication credentials, or device parameters. The vulnerability requires network-level access but no user authentication.

What this means
What could happen
An attacker with network access to the SCALANCE W1750D web interface could read sensitive configuration data, potentially exposing wireless network settings, authentication details, or device parameters that could be used to compromise the network.
Who's at risk
Operators of Siemens SCALANCE W1750D wireless access points used in industrial networks should assess this risk. This device is commonly used for remote access to PLCs and remote terminal units (RTUs) in water systems, power distribution, and manufacturing facilities.
How it could be exploited
An attacker sends a specially crafted HTTP request to the web interface of an accessible SCALANCE W1750D device. The vulnerability allows information disclosure (CWE-203) through timing or side-channel analysis, allowing the attacker to extract sensitive data without authentication.
Prerequisites
  • Network access to the SCALANCE W1750D web interface (typically port 80/443)
  • Device running firmware version earlier than 8.3.0.1
  • No authentication bypass required, but web interface must be reachable
remotely exploitablehigh EPSS score (78.5%)no authentication requiredaffects industrial network access infrastructure
Exploitability
High exploit probability (EPSS 78.5%)
Affected products (1)
ProductAffected VersionsFix Status
SCALANCE W1750D<V8.3.0.18.3.0.1
Remediation & Mitigation
0/4
Do now
0/2
WORKAROUNDRestrict access to the web interface using firewall rules; allow only authorized administrative workstations
WORKAROUNDDisable or password-protect the web interface if remote management is not required
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SCALANCE W1750D firmware to version 8.3.0.1 or later
Long-term hardening
0/1
HARDENINGSegment the wireless access point network from the business network and limit external connectivity
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/c437b6e0-4d4e-4a82-b398-8df71e598ddc
ICSA-18-282-02 Siemens SCALANCE W1750D | CVSS 5.9 - OTPulse