Siemens Product Security Update Advisory

Sep 11 2024

Overview

An update has been released to address vulnerabilities in Siemens Products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-37990, CVE-2024-37992, CVE-2024-37993, CVE-2024-37994, CVE-2024-37995

SIMATIC Reader RF610R CMIIT versions: ~ 4.2 (excluded)
SIMATIC Reader RF610R ETSI versions: ~ 4.2 (excluded)
SIMATIC Reader RF610R FCC versions: ~ 4.2 (excluded)
SIMATIC Reader RF615R CMIIT versions: ~ 4.2 (excluded)
SIMATIC Reader RF615R ETSI versions: ~ 4.2 (excluded)
SIMATIC Reader RF615R FCC versions: ~ 4.2 (excluded)
SIMATIC Reader RF650R ARIB versions: ~ 4.2 (excluded)
SIMATIC Reader RF650R CMIIT versions: ~ 4.2 (excluded)
SIMATIC Reader RF650R ETSI versions: ~ 4.2 (excluded)
SIMATIC Reader RF650R FCC versions: ~ 4.2 (excluded)
SIMATIC Reader RF680R ARIB versions: ~ 4.2 (excluded)
SIMATIC Reader RF680R CMIIT versions: ~ 4.2 (excluded)
SIMATIC Reader RF680R ETSI versions: ~ 4.2 (excluded)
SIMATIC Reader RF680R FCC versions: ~ 4.2 (excluded)
SIMATIC Reader RF685R ARIB versions: ~ 4.2 (excluded)
SIMATIC Reader RF685R CMIIT versions: ~ 4.2 (excluded)
SIMATIC Reader RF685R ETSI versions: ~ 4.2 (excluded)
SIMATIC Reader RF685R FCC versions: ~ 4.2 (excluded)
SIMATIC RF360R versions: ~ 2.2 (excluded)

CVE-2024-35783

SIMATIC BATCH V9.1 all versions
SIMATIC Information Server 2020 all versions
SIMATIC Information Server 2022 all versions
SIMATIC PCS 7 V9.1 all versions
SIMATIC Process Historian 2020 all versions
SIMATIC Process Historian 2022 all versions
SIMATIC WinCC Runtime Professional V18 all versions
SIMATIC WinCC Runtime Professional V19 all versions
SIMATIC WinCC V7.4 all versions
SIMATIC WinCC V7.5 versions: ~ 7.5 SP2 Update 18 (excluded)
SIMATIC WinCC V8.0 versions: up to 8.0 Update 5 (excluded)

CVE-2024-41170

Tecnomatix Plant Simulation V2302 versions: ~ 2302.0015 (excluded)
Tecnomatix Plant Simulation V2404 versions: ~ 2404.0004 (excluded)

CVE-2023-30756, CVE-2023-28827

SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) versions: ~ 3.5.20 (excluded)
SIMATIC CP 1243-1 (incl. SIPLUS variants) versions: ~ 3.5.20 (excluded)
SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) versions: ~ 3.5.20 (excluded)
SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) versions: ~ 3.5.20 (excluded)
SIMATIC CP 1243-7 LTE versions: ~ 3.5.20 (excluded)
SIMATIC CP 1243-8 IRC versions: ~ 3.5.20 (excluded)
SIMATIC HMI Comfort Panels (incl. SIPLUS variants) all versions
SIMATIC IPC DiagBase all versions
SIMATIC IPC DiagMonitor all versions
SIMATIC WinCC Runtime Advanced all versions
SIPLUS TIM 1531 IRC versions: ~ 2.4.8 (excluded)
TIM 1531 IRC versions: ~ 2.4.8 (excluded)

CVE-2024-45032

Industrial Edge Management Pro versions: ~ 1.9.5 (excluded)
Industrial Edge Management Virtual versions: ~ 2.3.1-1 (excluded)

CVE-2024-41171

SINUMERIK 828D V4 all versions
SINUMERIK 828D V5 versions: ~ 5.24 (excluded)
SINUMERIK 840D sl V4 all versions
SINUMERIK ONE versions: ~ 6.24 (excluded)

CVE-2024-44087

Automation License Manager V5 all versions
Automation License Manager V6.0 all versions
Automation License Manager V6.2 versions: ~ 6.2 Upd3 (excluded)

CVE-2024-33698

SIMATIC Information Server 2022 all versions
SIMATIC Information Server 2024 all versions
SIMATIC PCS neo V4.0 all versions
SIMATIC PCS neo V4.1 versions: ~ 4.1 Update 2 (excluded)
SIMATIC PCS neo V5.0 all versions
SINEC NMS all versions
Totally Integrated Automation Portal (TIA Portal) V16 all versions
Totally Integrated Automation Portal (TIA Portal) V17 versions: ~ 17 Update 8 (excluded)
Totally Integrated Automation Portal (TIA Portal) V18 all versions
Totally Integrated Automation Portal (TIA Portal) V19 all versions

Resolved Vulnerabilities

Vulnerability that allows an attacker with privileged access to modify a modifiable configuration file and enable unreleased functionality (CVE-2024-37990)

Vulnerability in running the DB server with elevated privileges that could allow an authenticated attacker to execute arbitrary OS commands with administrator privileges (CVE-2024-35783)

An overflow vulnerability that could allow an attacker to execute code in the context of the current process while parsing a specially crafted SPP file (CVE-2024-41170)

Failure to properly handle certain errors when using the Expect HTTP request header, resulting in a NULL dereference, which could allow an unauthorized remote attacker to cause a denial of service condition on the system (CVE-2023-30756)

Watchdog failed to properly handle certain requests, resulting in a timeout above the watchdog, which could cause pointer cleanup, allowing remote attackers to cause a denial of service condition on the system (CVE-2023-28827)

Device tokens were not properly validated, allowing an unauthenticated remote attacker to impersonate another device onboarded to the system (CVE-2024-45032)

Vulnerability that could allow an authenticated local attacker to escalate privileges on the primary system due to improperly enforcing access restrictions on scripts that regularly run on a privileged system (CVE-2024-41171)

A vulnerability in the Integrated UMC component that does not properly validate certain fields in incoming network packets on port 4410/tcp, which could allow an unauthenticated remote attacker to cause an integer overflow and crash the application (CVE-2024-44087)

Integrated UMC component contains a heap-based buffer overflow vulnerability, which could allow an unauthenticated remote attacker to execute arbitrary code (CVE-2024-33698)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest update. If you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.