July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Latrodectus Malware Loader Found in Phishing Campaigns, Replacing IcedID – Active IOCs
May 21, 2024Iranian Threat Actors Launch Destructive Wiping Attacks on Targeted Nations – Active IOCs
May 21, 2024Latrodectus Malware Loader Found in Phishing Campaigns, Replacing IcedID – Active IOCs
May 21, 2024Iranian Threat Actors Launch Destructive Wiping Attacks on Targeted Nations – Active IOCs
May 21, 2024
Severity
High
Analysis Summary
CVE-2024-32740 CVSS:9.8
Siemens SIMATIC CN 4100 contains default hardcoded credentials. A remote attacker could exploit this vulnerability to gain access to the device.
CVE-2024-33492 CVSS:7.8
Siemens Solid Edge could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read. By persuading a victim to parse specially crafted PAR files, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-33489 CVSS:7.8
Siemens Solid Edge is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By persuading a victim to parse specially crafted PAR files, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-34771 CVSS:7.8
Siemens Solid Edge is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By persuading a victim to parse specially crafted PAR files, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-32741 CVSS:10
Siemens SIMATIC CN 4100 contains default hardcoded password. A remote attacker could exploit this vulnerability to gain access to the device.
CVE-2024-32635 CVSS:7.8
Siemens Parasolid could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read flaw. By persuading a victim to parse a specially crafted X_T file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-32637 CVSS:3.3
Siemens Parasolid is vulnerable to a denial of service, caused by a NULL pointer dereference flaw. By persuading a victim to parse a specially crafted X_T file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-27947 CVSS:5.3
Siemens RUGGEDCOM CROSSBOW could allow a remote attacker to obtain sensitive information, caused by improper authorization validation by the message forward feature. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain forward message information, and use this information to launch further attacks against the affected system.
CVE-2024-27941 CVSS:8.8
Siemens RUGGEDCOM CROSSBOW is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2024-27942 CVSS:7.5
Siemens RUGGEDCOM CROSSBOW is vulnerable to a denial of service, caused by improper authentication validation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to disconnect any active user from the server.
CVE-2024-34085 CVSS:7.8
Siemens Teamcenter Visualization and JT2Go is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By persuading a victim to parse a specially crafted XML file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-31485 CVSS:7.2
Multiple Siemens SICAM Products could allow a remote authenticated attacker to gain elevated privileges on the system, caused by missing server side input sanitation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with root privileges.
CVE-2024-27940 CVSS:8.8
Siemens RUGGEDCOM CROSSBOW is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2023-46280 CVSS:6.5
Multiple Siemens Industrial Products are vulnerable to a denial of service, caused by an out-of-bounds read flaw. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a Blue Screen of Death (BSOD) crash on the underlying Windows kernel.
CVE-2024-33491 CVSS:7.8
Siemens Solid Edge could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read. By persuading a victim to parse specially crafted PAR files, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-32742 CVSS:7.6
Siemens SIMATIC CN 4100 could allow a local attacker to gain elevated privileges on the system, caused by containing an unrestricted USB port. An attacker could exploit this vulnerability to misuse the port or booting another operating system and gain complete read/write access to the filesystem.
CVE-2024-32055 CVSS:7.8
Siemens PS/IGES Parasolid Translator Component could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read flaw. By persuading a victim to open a specially crafted IGS file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
Impact
- Denial of Service
- Gain Access
- Code Execution
- Buffer Overflow
- Data Manipulation
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-32740
- CVE-2024-33492
- CVE-2024-33489
- CVE-2024-34771
- CVE-2024-32741
- CVE-2024-32635
- CVE-2024-32637
- CVE-2024-27947
- CVE-2024-27941
- CVE-2024-27942
- CVE-2024-34085
- CVE-2024-31485
- CVE-2024-27940
- CVE-2024-46280
- CVE-2024-33491
- CVE-2024-32742
- CVE-2024-32055
Affected Vendors
Siemens
Affected Products
- Siemens SIMATIC PCS 7 9.1
- Siemens SIMATIC BATCH 9.1
- Siemens SIMATIC Route Control 9.1
- Siemens PS/IGES Parasolid Translator Component 27.1
- Siemens SIMATIC CN 4100 0
- Siemens Solid Edge 0
- Siemens Parasolid V35.1 0
- Siemens Parasolid V36.0 0
- Siemens Parasolid V36.1 0
- Siemens RUGGEDCOM CROSSBOW 5.4
- Siemens JT2Go 0
- Siemens Teamcenter Visualization V14.1 0
- Siemens Teamcenter Visualization V14.2 0
- Siemens Teamcenter Visualization V14.3 0
- Siemens Teamcenter Visualization V2312 0
- Siemens CPCI85 Central Processing/Communication 5.20
- Siemens SICORE Base system 1.2.0
- Siemens SIMATIC Automation Tool
- Siemens Security Configuration Tool (SCT)
- Siemens SIMATIC PDM
- Siemens SIMATIC NET PC software
- Siemens S7-PCT
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.