Severity
Medium
Analysis Summary
CVE-2024-50561 CVSS:4.3
Siemens SCALANCE M-800 family is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-50560 CVSS:3.1
Siemens SCALANCE M-800 family could provide weaker than expected security, caused by a flaw with truncating usernames longer than 15 characters when accessed via SSH. A remote authenticated attacker could exploit this vulnerability to launch further attacks on the system.
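A defender-side audit for the truncation behaviour described above, added here as an example and not taken from Siemens code or tooling. It assumes the practical risk is that distinct accounts become indistinguishable once cut to 15 characters; the function name and the account list are constructed for illustration.

```python
from collections import defaultdict

SSH_NAME_LIMIT = 15  # truncation length stated in the advisory text


def audit_truncation(usernames, limit=SSH_NAME_LIMIT):
    """Return (truncated, collisions) for a list of configured usernames.

    truncated:  names longer than `limit`, mapped to what survives truncation
    collisions: truncated form -> sorted distinct names that map onto it
    """
    by_prefix = defaultdict(set)
    truncated = {}
    for name in usernames:
        short = name[:limit]
        by_prefix[short].add(name)
        if len(name) > limit:
            truncated[name] = short
    collisions = {p: sorted(n) for p, n in by_prefix.items() if len(n) > 1}
    return truncated, collisions


# Constructed sample account list (not from any real device)
SAMPLE_ACCOUNTS = [
    "admin",
    "maintenance-operator",
    "maintenance-oper",
    "maintenance-ope",      # exactly 15 chars: collides with the two above
    "plant-engineer-01",
    "plant-engineer-02",
]

if __name__ == "__main__":
    truncated, collisions = audit_truncation(SAMPLE_ACCOUNTS)
    for prefix, names in collisions.items():
        print(f"{prefix!r} is shared by: {', '.join(names)}")
```

Until the device is updated, keeping every configured username at 15 characters or fewer removes the ambiguity this audit reports.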
CVE-2024-50559 CVSS:4.3
Siemens SCALANCE M-800 family could allow a remote attacker to traverse directories on the system, caused by improper validation of certificate filenames. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to append arbitrary values.
CVE-2024-50558 CVSS:4.3
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA
CVE-2024-46894 CVSS:5.3
Siemens SINEC INS could allow a remote authenticated attacker to obtain sensitive information, caused by failing to validate authorization of a user to query the "/api/sftp/users" endpoint. By sending a specially crafted request, an attacker could exploit this vulnerability to gain knowledge about the list of configured users of the SFTP service and also modify that configuration.
CVE-2024-46892 CVSS:6.9
Siemens SINEC INS could allow a remote authenticated attacker to bypass security restrictions, caused by failing to invalidate sessions when the associated user is deleted or disabled or their permissions are modified. By sending a specially crafted request, an attacker could exploit this vulnerability to continue performing malicious actions even after their user account has been disabled.
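The session-handling flaw described above, shown as a stale check beside a hardened one. This is an added example, not SINEC INS code; the `SessionStore` class, its methods and the permission-version counter are hypothetical and only model the three cases the advisory names (user deleted, disabled, or permissions modified).

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class User:
    name: str
    permissions: set = field(default_factory=set)
    enabled: bool = True
    perm_version: int = 0  # bumped on every permission change


class SessionStore:
    def __init__(self):
        self.users = {}     # name -> User
        self.sessions = {}  # token -> (name, permissions at login, version at login)

    def add_user(self, name, permissions):
        self.users[name] = User(name, set(permissions))

    def login(self, name):
        user = self.users[name]
        if not user.enabled:
            raise PermissionError("account disabled")
        token = secrets.token_urlsafe(32)
        self.sessions[token] = (name, frozenset(user.permissions), user.perm_version)
        return token

    def set_permissions(self, name, permissions):
        user = self.users[name]
        user.permissions = set(permissions)
        user.perm_version += 1

    def authorize_stale(self, token, permission):
        """Flawed pattern: trusts the snapshot taken at login."""
        entry = self.sessions.get(token)
        return entry is not None and permission in entry[1]

    def authorize(self, token, permission):
        """Hardened: re-check the live account on every request."""
        entry = self.sessions.get(token)
        if entry is None:
            return False
        name, _, version = entry
        user = self.users.get(name)
        if user is None or not user.enabled or user.perm_version != version:
            self.sessions.pop(token, None)  # revoke the stale session
            return False
        return permission in user.permissions
```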
CVE-2024-46889 CVSS:6.9
Siemens SINEC INS contains a default hard-coded cryptographic key. A remote attacker could exploit this vulnerability to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files.
CVE-2024-46888 CVSS:9.4
Siemens SINEC INS could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially crafted request to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device.
CVE-2024-36140 CVSS:8.2
Siemens OZW Web Servers are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-29119 CVSS:8.5
Siemens Spectrum Power 7 could allow a local authenticated attacker to gain elevated privileges on the system, because the product contains several root-owned SUID binaries. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2024-47808 CVSS:8.4
Siemens SINEC NMS could allow a local authenticated attacker to gain elevated privileges on the system, caused by the failure to properly restrict the permissions of users to write to the filesystem of the host system. An attacker could exploit this vulnerability to gain elevated privileges on the system.
Impact
- Denial of Service
- Gain Access
- Security Bypass
- Privilege Escalation
- Cross-Site Scripting
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-50561
- CVE-2024-50560
- CVE-2024-50559
- CVE-2024-50558
- CVE-2024-46894
- CVE-2024-46892
- CVE-2024-46889
- CVE-2024-46888
- CVE-2024-36140
- CVE-2024-29119
- CVE-2024-47808
Affected Vendors
- Siemens
Affected Products
- Siemens SCALANCE M804PB
- Siemens RUGGEDCOM RM1224 LTE(4G) EU
- Siemens RUGGEDCOM RM1224 LTE(4G) NAM
- Siemens SCALANCE M812-1 ADSL-Router
- Siemens SINEC INS
- Siemens OZW672
- Siemens OZW772
- Siemens Spectrum Power 7
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.