Critical Vulnerabilities Discovered in Siemens SINEC Security Monitor
Siemens has released a new security update for its SINEC Security Monitor, a modular cybersecurity software used for passive, non-intrusive, and continuous monitoring of production environments on customer premises. Several critical vulnerabilities, tracked as CVE-2024-47553, CVE-2024-47562, CVE-2024-47563, and CVE-2024-47565, have been identified in versions prior to V4.9.0.
The four vulnerabilities discovered in the SINEC Security Monitor vary in severity and potential risk to affected systems. If exploited, they could allow attackers to execute arbitrary code, compromise system integrity, and potentially gain root-level access to the underlying operating system.
Among the addressed vulnerabilities are:
- CVE-2024-47553 (CVSSv4 9.4): Allows an authenticated, low-privileged attacker to execute arbitrary code with root privileges due to improper validation of user input in the
ssmctl-clientcommand. - CVE-2024-47562 (CVSSv4 9.3): Enables an authenticated, low-privileged local attacker to execute privileged commands due to improper neutralization of special elements in user input to the
ssmctl-clientcommand. - CVE-2024-47563 (CVSSv4 6.9): Allows an unauthenticated remote attacker to create files in unintended locations due to improper validation of a file path used for creating CSR files. This could compromise the integrity of files in those directories.
- CVE-2024-47565 (CVSSv4 5.3): Permits an authenticated remote attacker to compromise the configuration of the application due to insufficient validation of user input against allowed values.
Siemens urges users to update their SINEC Security Monitor installations to version 4.9.0 or later to mitigate these vulnerabilities. The update is available for download from the Siemens website.
Related Posts:
- CISA Warns Critical Vulnerabilities in Vonets WiFi Bridge Devices, No Patch Available
- ServiceNow Security Alert: Critical Vulnerabilities Expose Businesses to RCE and Data Breaches
- Pandora FMS Reveals High-Risk Security Flaws Affecting 50,000+ Installations
- CVE-2024-36072 (CVSS 10): Unauthenticated RCE Flaw in CoSoSys Endpoint Protector
- CVE-2024-21586: Juniper SRX Vulnerability Leaves Networks Open to Attack
