April 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
New ZLoader Variant Linked to Unidentified PowerShell Backdoor – Active IOCs
July 30, 2024Multiple Apache Traffic Server Vulnerabilities
July 30, 2024New ZLoader Variant Linked to Unidentified PowerShell Backdoor – Active IOCs
July 30, 2024Multiple Apache Traffic Server Vulnerabilities
July 30, 2024
Severity
Medium
Analysis Summary
CVE-2023-52891 CVSS:5.3
Siemens SIMATIC and SIMIT are vulnerable to a denial of service, caused by improperly controlled sequential memory allocation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the high load situation and memory exhaustion, and may block the server.
CVE-2024-38867 CVSS:5.9
Siemens SIPROTEC products is vulnerable to a man-in-the-middle attack, caused by the use of weak ciphers on several ports. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system.
CVE-2023-32737 CVSS:6.3
Siemens TIA Portal and SIMATIC STEP 7 could allow a local authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the .NET BinaryFormatter. By sending specially crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-39870 CVSS:5.3
Siemens SINEMA Remote Connect Server could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper privilege management. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to modify users outside of their own scope and gain elevated privileges
Impact
- Denial of Service
- Information Disclosure
- Gain Access
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2023-52891
- CVE-2024-38867
- CVE-2023-32737
- CVE-2024-39870
Affected Vendors
Siemens
Affected Products
- Siemens SIMATIC Energy Manager Basic
- Siemens SIMATIC Energy Manager PRO
- Siemens SIMATIC IPC DiagMonitor
- Siemens SIPROTEC 5 6MD89 (CP300)
- Siemens SIPROTEC 5 7KE85 (CP200)
- Siemens SIPROTEC 5 7KE85 (CP300)
- Siemens SIPROTEC 5 7SA82 (CP100)
- Siemens SIPROTEC 5 7SA82 (CP150)
- Siemens SIPROTEC 5 7SA84 (CP200)
- Siemens SIPROTEC 5 7SA86 (CP200)
- Siemens SIPROTEC 5 7SA86 (CP300)
- Siemens SIPROTEC 5 7SA87 (CP200)
- Siemens SIPROTEC 5 7SA87 (CP300)
- Siemens SIPROTEC 5 7SD82 (CP100)
- Siemens SIPROTEC 5 7SD82 (CP150)
- Siemens SIPROTEC 5 7SD84 (CP200)
- Siemens SIPROTEC 5 7SD86 (CP200)
- Siemens SINEMA Remote Connect Server 3.2
- Siemens SIMATIC IPC DiagBase
- Siemens SIMIT V10
- Siemens SIMIT V11
- Siemens SIPROTEC 5 6MD85 (CP300)
- Siemens SIMATIC STEP 7 Safety V18 0
Remediation
Refer to Siemens security advisory for patch, upgrade or suggested workaround information.
