Siemens Product Security Update Advisory

Overview

An update has been released to address vulnerabilities in Siemens products. Users of the affected versions are advised to update to the latest version.

 

Affected Products

 

CVE-2024-41981, CVE-2024-47046

  • Simcenter Nastran 2306 All versions
  • Simcenter Nastran 2312 All versions
  • Simcenter Nastran 2406 versions: ~ 2406.5000 (excluded)

 

CVE-2024-41798

  • SENTRON 7KM PAC3200 All versions

 

CVE-2024-41902

  • JT2Go versions: ~ 2406.0003 (excluded)

 

CVE-2024-45463, CVE-2024-45464, CVE-2024-45465, CVE-2024-45466, CVE-2024-45467, CVE-2024-45468, CVE-2024-45469, CVE-2024-45470, CVE-2024-45471, CVE-2024-45472, CVE-2024-45473, CVE-2024-45474, CVE-2024-45475

  • Tecnomatix Plant Simulation V2302 versions: ~ 2302.0016 (excluded)
  • Tecnomatix Plant Simulation V2404 versions: ~ 2404.0005 (excluded)

 

CVE-2023-52952

  • HiMed Cockpit 12 pro versions: 11.5.1 (inclusive) ~ 11.6.2 (excluded)
  • HiMed Cockpit 14 pro+ versions: 11.5.1 (inclusive) ~ 11.6.2 (excluded)
  • HiMed Cockpit 18 pro versions: 11.5.1 (inclusive) ~ 11.6.2 (excluded)
  • HiMed Cockpit 18 pro+ versions: 11.5.1 (inclusive) ~ 11.6.2 (excluded)

 

CVE-2024-47553, CVE-2024-47562

  • Siemens SINEC Security Monitor versions: ~ 4.9.0 (excluded)

 

 

Resolved Vulnerabilities

 

Heap-based buffer overflow vulnerability while parsing specially crafted BDF files (CVE-2024-41981)

Memory corruption vulnerability while parsing a specially crafted BDF file (CVE-2024-47046)

Vulnerability in the Modbus TCP interface, where administrative access is secured with a four-digit PIN that an attacker could easily bypass via a brute-force attack or by sniffing the plaintext communications (CVE-2024-41798)

Stack-based buffer overflow vulnerability that could be triggered while parsing a specially crafted PDF file (CVE-2024-41902)

Vulnerabilities that could cause memory corruption while parsing specially crafted WRL files (CVE-2024-45474, CVE-2024-45467, CVE-2024-45468, CVE-2024-45472, CVE-2024-45473, CVE-2024-45475)

An out-of-bounds read beyond the end of the allocated structure while parsing specially crafted WRL files (CVE-2024-45466, CVE-2024-45465, CVE-2024-45463, CVE-2024-45464)

Out-of-bounds write vulnerability when parsing a specially crafted WRL file (CVE-2024-45469, CVE-2024-45470, CVE-2024-45471)

Limited desktop environment escape vulnerability in kiosk mode on affected devices (CVE-2023-52952)

A vulnerability in the “ssmctl-client” command that does not properly sanitize special elements of user input, allowing authenticated, low-privileged local attackers to execute privileged commands on the underlying OS (CVE-2024-47562)

The “ssmctl-client” command does not properly validate user input, which could allow authenticated, low-privileged remote attackers to execute arbitrary code with root privileges on the underlying OS (CVE-2024-47553)

 

Vulnerability Patches

 

The following product-specific vulnerability patches have been made available in the latest update. If you are using an affected version, please follow the instructions on the referenced sites to update to the latest patched version.
 

 

CVE-2024-41981, CVE-2024-47046

  • Simcenter Nastran 2306: Currently no fix is available
  • Simcenter Nastran 2312: Currently no fix is available
  • Simcenter Nastran 2406 version: 2406.5000 or later version

 

CVE-2024-41798

  • SENTRON 7KM PAC3200: Currently no fix is available

 

CVE-2024-41902

  • JT2Go version: 2406.0003 or later version

 

CVE-2024-45463, CVE-2024-45464, CVE-2024-45465, CVE-2024-45466, CVE-2024-45467, CVE-2024-45468, CVE-2024-45469, CVE-2024-45470, CVE-2024-45471, CVE-2024-45472, CVE-2024-45473, CVE-2024-45474, CVE-2024-45475

  • Tecnomatix Plant Simulation V2302 version: 2302.0016 or later version
  • Tecnomatix Plant Simulation V2404 version: 2404.0005 or later version

 

CVE-2023-52952

  • HiMed Cockpit 12 pro version: 11.6.2 or later version
  • HiMed Cockpit 14 pro+ version: 11.6.2 or later version
  • HiMed Cockpit 18 pro version: 11.6.2 or later version
  • HiMed Cockpit 18 pro+ version: 11.6.2 or later version

 

CVE-2024-47553, CVE-2024-47562

  • Siemens SINEC Security Monitor version: 4.9.0 or later version

 

 

References

[1] SSA-852501: Multiple Memory Corruption Vulnerabilities in Simcenter Nastran Before 2406.5000

https://cert-portal.siemens.com/productcert/html/ssa-852501.html

[2] SSA-850560: Use of 4-Digit PIN in SENTRON PAC3200 Devices

https://cert-portal.siemens.com/productcert/html/ssa-850560.html

[3] SSA-626178: Stack-Based Buffer Overflow Vulnerability in JT2Go Before V2406.0003

https://cert-portal.siemens.com/productcert/html/ssa-626178.html

[4] SSA-583523: Multiple WRL File Parsing Vulnerabilities in Tecnomatix Plant Simulation

https://cert-portal.siemens.com/productcert/html/ssa-583523.html

[5] SSA-540493: Kiosk Mode Escape Vulnerability in HiMed Cockpit Devices Before V11.6.2

https://cert-portal.siemens.com/productcert/html/ssa-540493.html

[6] SSA-430425: Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0

https://cert-portal.siemens.com/productcert/html/ssa-430425.html