CVE-2025-24532
First published: Tue Feb 11 2025(Updated: )
A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices with role `user` is affected by incorrect authorization in SNMPv3 View configuration. This could allow an attacker to change the View Type of SNMPv3 Views.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SCALANCE WAB762-1 | <V3.0.0 | |
| Siemens Scalance WAM763-1 | <V3.0.0 | |
| Siemens SCALANCE WAM763-1 | <V3.0.0 | |
| Siemens SCALANCE WAM763-1 | <V3.0.0 | |
| Siemens SCALANCE WAM766-1 | <V3.0.0 | |
| Siemens SCALANCE WAM766-1 EEC (ME) | <V3.0.0 | |
| Siemens SCALANCE WAM766-1 | <V3.0.0 | |
| Siemens SCALANCE WAM766-1 ECC Firmware | <V3.0.0 | |
| Siemens SCALANCE WUB762-1 iFeatures | <V3.0.0 | |
| Siemens SCALANCE WUB762-1 | <V3.0.0 | |
| Siemens Scalance WUM763-1 Firmware | <V3.0.0 | |
| Siemens SCALANCE WUM763-1 | <V3.0.0 | |
| Siemens SCALANCE WUM766-1 | <V3.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-24532?
CVE-2025-24532 is classified as a critical vulnerability that can lead to unauthorized access to sensitive data.
How do I fix CVE-2025-24532?
To fix CVE-2025-24532, update the affected SCALANCE devices to version 3.0.0 or later.
Which devices are affected by CVE-2025-24532?
CVE-2025-24532 affects various SCALANCE models, including WAB762-1 and WAM763-1, in all versions prior to 3.0.0.
What are the potential impacts of CVE-2025-24532?
Exploiting CVE-2025-24532 may allow attackers to gain unauthorized access, potentially compromising network integrity.
Is there a patch available for CVE-2025-24532?
Yes, a patch is available; users must upgrade their devices to versions 3.0.0 or later to mitigate CVE-2025-24532.
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/event
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens scalance wab762-1
- canonical/siemens scalance wam763-1
- canonical/siemens scalance wam766-1
- canonical/siemens scalance wam766-1 eec (me)
- canonical/siemens scalance wam766-1 ecc firmware
- canonical/siemens scalance wub762-1 ifeatures
- canonical/siemens scalance wub762-1
- canonical/siemens scalance wum763-1 firmware
- canonical/siemens scalance wum763-1
- canonical/siemens scalance wum766-1