June 23, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
North Korean APT Kimsuky aka Black Banshee – Active IOCs
October 4, 2024
Recently Patched Vulnerability in CUPS Allows DDoS Attacks to be Amplified
October 4, 2024
North Korean APT Kimsuky aka Black Banshee – Active IOCs
October 4, 2024
Recently Patched Vulnerability in CUPS Allows DDoS Attacks to be Amplified
October 4, 2024
Severity
Medium
Analysis Summary
CVE-2024-39876 CVSS:4
Siemens SINEMA Remote Connect Server is vulnerable to a denial of service, caused by not properly handle log rotation. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-32735 CVSS:6.5
Multiple Siemens products could allow a local authenticated attacker to execute arbitrary code on the system, caused by not properly restrict the .NET BinaryFormatter when deserializing user-controllable input. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Denial of Service
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-39876
- CVE-2023-32735
Affected Vendors
Siemens
Affected Products
- Siemens SINEMA Remote Connect Server 3.2
- Siemens SIMATIC STEP 7 Safety V18 0
- Siemens SIMATIC STEP 7 Safety V16 0
- Siemens SIMATIC STEP 7 Safety V17 0
- Siemens SIMATIC STEP 7 V16 0
- Siemens SIMATIC STEP 7 V17 0
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.