June 19, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Adobe Products Zero-Day Vulnerabilities
August 16, 2024
Multiple Microsoft Products Vulnerabilities
August 16, 2024
Multiple Adobe Products Zero-Day Vulnerabilities
August 16, 2024
Multiple Microsoft Products Vulnerabilities
August 16, 2024
Severity
High
Analysis Summary
CVE-2024-41977 CVSS:7.1
Siemens SCALANCE M-800 family could allow a local authenticated attacker to gain elevated privileges on the system, caused by the failure to properly enforce isolation between user sessions in their web server component. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2024-41908 CVSS:7.8
Siemens NX could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read flaw. By persuading a victim to open a specially crafted PRT file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process or cause the application to crash.
CVE-2024-41939 CVSS:8.8
Siemens SINEC NMS could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-41940 CVSS:9.1
Siemens SINEC NMS could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation in the privileged command queue. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary OS commands with elevated privileges.
CVE-2024-41904 CVSS:7.5
Siemens SINEC Traffic Analyzer could allow a remote attacker to obtain sensitive information, caused by not properly enforce restriction of excessive authentication attempts. By utilizing brute force attack techniques, an attacker could exploit this vulnerability to obtain user credentials or keys information, and use this information to launch further attacks against the affected system.
CVE-2024-41976 CVSS:7.2
Siemens SCALANCE M-800 and RUGGEDCOM RM1224 devices could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation in specific VPN configuration fields. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-41977
- CVE-2024-36398
- CVE-2024-41908
- CVE-2024-41939
- CVE-2024-41940
- CVE-2024-41904
- CVE-2024-41976
Affected Vendors
Siemens
Affected Products
- Siemens SINEC NMS - 2.0
- Siemens SCALANCE M804PB
- Siemens SCALANCE M812-1 ADSL-Router family
- Siemens SCALANCE M816-1 ADSL-Router family
- Siemens SCALANCE M826-2 SHDSL-Router
- Siemens NX
- Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)
- Siemens RUGGEDCOM RM1224 LTE(4G) NAM - 0
- Siemens SCALANCE M804PB - 0
- Siemens SCALANCE M812-1 ADSL-Router family - 0
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.