Siemens Product Security Update Advisory

MalBot · August 14, 2024, 4:31am

Overview

Siemens has released an update to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.

Affected Products

CVE-2024-36398, CVE-2024-41940, CVE-2024-41939

SINEC NMS version: ~ 3.0 (excluded)

CVE-2024-41903, CVE-2024-41904, CVE-2024-41905

SINEC Traffic Analyzer version: ~ 2.0 (excluded)

CVE-2022-35868

TIA Multiuser Server version: 14
TIA Multiuser Server version: ~ 15.1 Update 8 (excluded)
TIA Project-Server version: ~ 1.1 (excluded)
TIA Project-Server version: 16
TIA Project-Server version: ~ 17 Update 6 (excluded)

CVE-2024-41908

NX version: ~ 2406.3000 (excluded)

CVE-2024-41976, CVE-2024-41977, CVE-2024-41978

RUGGEDCOM RM1224 LTE (4G) EU version: ~ 8.1 (excluded)
RUGGEDCOM RM1224 LTE (4G) NAM version: ~ 8.1 (excluded)
SCALANCE M804PB version: ~ 8.1 (excluded)
SCALANCE M812-1 ADSL-Router family version: ~ 8.1 (excluded)
SCALANCE M816-1 ADSL-Router family version: ~ 8.1 (excluded)
SCALANCE M826-2 SHDSL-Router version: ~ 8.1 (excluded)
SCALANCE M874-2 version: ~ 8.1 (excluded)
SCALANCE M874-3 version: ~ 8.1 (excluded)
SCALANCE M874-3 3G-Router (CN) version: ~ 8.1 (excluded)
SCALANCE M876-3 version: ~ 8.1 (excluded)
SCALANCE M876-3 (ROK) version: ~ 8.1 (excluded)
SCALANCE M876-4 versions: ~ 8.1 (excluded)
SCALANCE M876-4 (EU) version: ~ 8.1 (excluded)
SCALANCE M876-4 (NAM) version: ~ 8.1 (excluded)
SCALANCE MUM853-1 (A1) version: ~ 8.1 (excluded)
SCALANCE MUM853-1 (B1) version: ~ 8.1 (excluded)
SCALANCE MUM853-1 (EU) version: ~ 8.1 (excluded)
SCALANCE MUM856-1 (A1) version: ~ 8.1 (excluded)
SCALANCE MUM856-1 (B1) version: ~ 8.1 (excluded)
SCALANCE MUM856-1 (CN) version: ~ 8.1 (excluded)
SCALANCE MUM856-1 (EU) version: ~ 8.1 (excluded)
SCALANCE MUM856-1 (RoW) version: ~ 8.1 (excluded)
SCALANCE S615 EEC LAN-Router version: ~ 8.1 (excluded)
SCALANCE S615 LAN-Router version: ~ 8.1 (excluded)

Resolved Vulnerabilities

Running a subset of services as `NT AUTHORITY\SYSTEM` allows attackers to execute operating system commands with elevated privileges (CVE-2024-36398)

Failure to properly validate user input to the privileged command queue, which could allow an attacker to execute OS commands with elevated privileges (CVE-2024-41940)

A vulnerability in which privilege checks are not properly enforced, allowing an attacker to bypass checks and elevate privileges in the application (CVE-2024-41939)

Vulnerability where the root file system of a container could be mounted with read and write permissions, allowing an attacker to change the file system of the container, resulting in unauthorized modification and data corruption (CVE-2024-41903)

Excessive authentication attempt limits are not properly enforced, which could allow an attacker to conduct a brute force attack against legitimate user credentials or keys (CVE2024-41904)

No access controls for accessing files, which could allow attackers to access sensitive information (CVE-2024-41905)

Contained an untrusted search path vulnerability, which could allow an attacker to trick a legitimate user into escalating privileges when starting a service from an attacker-controlled path (CVE-2022-35868)

An out-of-bounds read vulnerability while parsing crafted PRT files could allow an attacker to crash the application or execute code in the context of the current process (CVE-2024-41908)

A vulnerability in certain VPN configuration fields that does not properly validate input, which could allow remote attackers to execute arbitrary code on the device (CVE-2024-41976)

Vulnerability in a web server component that did not properly enforce isolation between user sessions, allowing remote attackers to escalate privileges on the device (CVE-2024-41977)

Vulnerability that could allow remote attackers to forge another user’s 2FA token by injecting sensitive information about 2FA token generation into log files (CVE-2024-41978)

Vulnerability Patches

The following product-specific Vulnerability Patches were made available in the August 13, 2024 update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-36398, CVE-2024-41940, CVE-2024-41939