As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: CPCI85 for CP-8031/CP-8050, CPCI85, SICORE
- Vulnerabilities: Unverified Password Change, Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to perform an unauthorized password reset which could lead to privilege escalation and potential leak of information.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Siemens SICAM product versions are affected:
- CPCI85 Central Processing/Communication: All versions prior to V5.40
- SICORE Base system: All versions prior to V1.4.0
3.2 Vulnerability Overview
3.2.1 UNVERIFIED PASSWORD CHANGE CWE-620
The password of administrative accounts of the affected applications can be reset without requiring the knowledge of the current password, given the auto login is enabled. This could allow an unauthorized attacker to obtain administrative access of the affected applications.
CVE-2024-37998 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (This article has been indexed from All CISA Advisories