Multiple Siemens products use hard-coded encryption key vulnerability

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11 standard (802.11ac, 802.11a/b/g/h and/or 802.11n).SCALANCE W-1700 products are wireless communication devices based on the IEEE 802.11ac standard. They are used to connect various WLAN devices (access points or clients, depending on the operating mode), with a focus on industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs).SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). A vulnerability exists in the use of hard-coded encryption keys in multiple Siemens products, which can be exploited by an authenticated attacker with administrative privileges or by an attacker who obtains a configuration backup to extract configuration information from an exported file.