ICSA-24-256-04

ICSA-24-256-04 PUBLISHED CVSS 5.5 MEDIUM

SINUMERIK systems that have been provisioned with Create MyConfig (CMC) are affected by an Insertion of Sensitive Information into Log File vulnerability. When a CMC package is used on an NCU or on an IPC, the password used in the CMC package or typed in manually during package execution is traced on the machine to the file uptrace.out. This could allow a local authenticated user with low privileges to read that password and use it to impersonate a user with higher privileges. Siemens has released new versions for the affected products and recommends updating to the latest versions.

Risk Scores

CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

Affected Products

Vendor Product Versions
SINUMERIK ONE
SINUMERIK 828D V4
SINUMERIK 840D sl V4

Timeline

  • Sep 10, 2024 CVE Published