Siemens Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 


1. EXECUTIVE SUMMARY

  • CVSS v3 8.1
  • ATTENTION: Exploitable remotely
  • Vendor: Siemens
  • Equipment: Industrial Edge Management OS (IEM-OS), SINEMA Remote Connect Server, SINUMERIK ONE
  • Vulnerability: Signal Handler Race Condition

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to achieve remote code execution with high impact on the affected system.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following Siemens products are affected:

  • Industrial Edge Management OS (IEM-OS): All versions
  • SINEMA Remote Connect Server: All versions prior to V3.2 SP2
  • SINUMERIK ONE: All versions prior to V6.24

3.2 Vulnerability Overview

3.2.1 SIGNAL HANDLER RACE CONDITION CWE-364

A security regression (CVE-2006-5051) was discovered in OpenSSH’s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
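
The weakness class named above (CWE-364), as an added example that is not part of the original advisory and is not OpenSSH code: a timeout handler that does unsafe work beside one that only sets a flag. The function names, the use of SIGALRM and raise() to model the authentication timeout, and the log strings are assumptions made for illustration.

```c
#include <signal.h>
#include <stdio.h>

/* sig_atomic_t is the only object type ISO C lets a handler write safely. */
static volatile sig_atomic_t grace_expired = 0;

/* UNSAFE (CWE-364), shown for contrast and never installed below.
 * stdio, malloc/free and syslog are not async-signal-safe: if the signal
 * interrupts the main code inside one of them, heap metadata or stdio
 * locks can be left in an inconsistent state. */
void unsafe_on_timeout(int sig)
{
    (void)sig;
    fprintf(stderr, "timeout before authentication\n");
}

/* SAFE: record the event and return; the real work happens later. */
void safe_on_timeout(int sig)
{
    (void)sig;
    grace_expired = 1;
}

/* Constructed stand-in for a pre-authentication wait (hypothetical helper).
 * timer_fires != 0 models a peer that never authenticates in time.
 * Returns 1 if the timeout was handled in normal context, 0 if no
 * timeout occurred, -1 if the handler could not be installed. */
int wait_for_auth(int timer_fires)
{
    grace_expired = 0;
    /* signal() keeps the example short; sigaction() is the usual POSIX choice. */
    if (signal(SIGALRM, safe_on_timeout) == SIG_ERR)
        return -1;
    if (timer_fires)
        raise(SIGALRM);   /* stands in for an alarm() timer expiring */
    if (grace_expired) {
        /* Not in a handler any more, so logging and cleanup are safe. */
        fprintf(stderr, "grace period expired, closing connection\n");
        return 1;
    }
    return 0;
}

int main(void)
{
    return (wait_for_auth(1) == 1 && wait_for_auth(0) == 0) ? 0 : 1;
}
```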

CVE-2024-6387 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been assigned; the CVSS vector string is (