Siemens Siveillance Control
Monitor · 5.5 · ICS-CERT ICSA-24-074-10 · Mar 12, 2024
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
Siveillance Control versions 2.8 through 3.1.0 contain an improper access control vulnerability where the system does not properly validate access group assignments for individual users. A locally logged-on user could exploit this to gain write privileges on objects where they should only have read access, potentially allowing modification of monitored configurations or objects.
What this means
What could happen
A local user with read-only access to Siveillance Control could escalate their privileges to write access by exploiting improper access group validation, potentially allowing them to modify monitored objects or system configuration they should not have authority to change.
Who's at risk
Security personnel and system administrators managing surveillance and physical security monitoring systems using Siemens Siveillance Control v2.8 through v3.1.0 should prioritize this update. The vulnerability affects any organization using this surveillance control software where user role separation and read-only access restrictions are relied upon for security control.
How it could be exploited
An attacker with local login access to the Siveillance Control frontend could bypass the access group check mechanism to gain write privileges on objects where their user account is assigned only read permissions. This requires local machine access and an existing user account.
Prerequisites
- Local login access to the Siveillance Control frontend machine
- An existing user account with at least read access to the system
- Physical or network access to the machine running Siveillance Control
Local access required · Low complexity attack · Privilege escalation · Affects security/surveillance systems · Improper access control
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Siveillance Control | ≥ V2.8 < V3.1.1 | 3.1.1
Remediation & Mitigation
Do now
HARDENING: Restrict physical and network access to the machine where the Siveillance Control frontend is installed; limit user login access to authorized personnel only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Siveillance Control to version 3.1.1 or later
Long-term hardening
HARDENING: Configure network access protections and segment the Siveillance Control frontend machine from untrusted networks
CVEs (1)