Primary

Context

Siemens SCALANCE W-700 IEEE 802.11ax Devices Input Validation Vulnerability Allowing Arbitrary Command Execution

Vulnerability

Patched

An input validation vulnerability has been identified in multiple SCALANCE W-700 IEEE 802.11ax devices, all versions prior to 3.0.0. The affected models include the WAB762-1, WAM763-1, WAM766-1, WUB762-1, and WUM763-1 series. This vulnerability allows authenticated remote attackers to execute arbitrary shell commands on the device by exploiting improper input validation when loading configuration files.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of shell commands on the affected device.

Remediation

Siemens has released version 3.0.0 for the affected products. Instructions for updating can be found on the Siemens Industry Support page.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Siemens SCALANCE W-700 IEEE 802.11ax Devices Input Validation Vulnerability Allowing Arbitrary Command Execution

Vulnerability

Impact

Remediation

Affected Products

Siemens SCALANCE W-700 IEEE 802.11ax family

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating