Critical Vulnerabilities Discovered in Siemens SINEC Security Monitor

CVE-2024-22040 - SINEC Security Monitor

Siemens has released a new security update for its SINEC Security Monitor, a modular cybersecurity software used for passive, non-intrusive, and continuous monitoring of production environments on customer premises. Several critical vulnerabilities, tracked as CVE-2024-47553, CVE-2024-47562, CVE-2024-47563, and CVE-2024-47565, have been identified in versions prior to V4.9.0.

The four vulnerabilities discovered in the SINEC Security Monitor vary in severity and potential risk to affected systems. If exploited, they could allow attackers to execute arbitrary code, compromise system integrity, and potentially gain root-level access to the underlying operating system.

Among the addressed vulnerabilities are:

  • CVE-2024-47553 (CVSSv4 9.4): Allows an authenticated, low-privileged attacker to execute arbitrary code with root privileges due to improper validation of user input in the ssmctl-client command.
  • CVE-2024-47562 (CVSSv4 9.3): Enables an authenticated, low-privileged local attacker to execute privileged commands due to improper neutralization of special elements in user input to the ssmctl-client command.
  • CVE-2024-47563 (CVSSv4 6.9): Allows an unauthenticated remote attacker to create files in unintended locations due to improper validation of a file path used for creating CSR files. This could compromise the integrity of files in those directories.
  • CVE-2024-47565 (CVSSv4 5.3): Permits an authenticated remote attacker to compromise the configuration of the application due to insufficient validation of user input against allowed values.

Siemens urges users to update their SINEC Security Monitor installations to version 4.9.0 or later to mitigate these vulnerabilities. The update is available for download from the Siemens website.

Related Posts: