Siemens TIM 1531 IRC
Act Now | 9.8 | ICS-CERT ICSA-24-165-06 | Jun 11, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Siemens TIM 1531 IRC industrial router contains multiple vulnerabilities in input validation, memory handling, and cryptographic operations (CWE-20, CWE-787, CWE-326, and others) that allow remote code execution. Affected versions: SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) and (6GK7543-1MX00-0XE0) running firmware 2.4.8 and earlier. An attacker can send malformed input to the device to trigger buffer overflows, integer overflows, or bypass security controls.
What this means
What could happen
An attacker with network access to the TIM 1531 IRC could execute arbitrary code on the device, potentially altering network routing, stopping communications between control systems and field devices, or redirecting traffic to compromise plant operations.
Who's at risk
Water authorities and utilities using Siemens TIM 1531 IRC industrial routers for communications between control systems, PLCs, and remote facilities. This device is critical for network connectivity in SCADA and process automation environments.
How it could be exploited
An attacker on the network sends a specially crafted message to the TIM 1531 IRC on its management or industrial protocol ports. The device fails to properly validate the input, allowing the attacker to overflow memory or inject commands that execute with device privileges. No authentication is required.
Prerequisites
- Network access to the TIM 1531 IRC device (typically ports used for industrial protocols or device management)
- Device running firmware version 2.4.8 or earlier
Remotely exploitable | No authentication required | Low complexity attack | High EPSS score (88.5%) | Critical severity | Affects network infrastructure
Exploitability
High exploit probability (EPSS 88.5%)
Affected products (2)
2 with fix
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| SIPLUS TIM 1531 IRC | <V2.4.8 | 2.4.8 |
| TIM 1531 IRC | <V2.4.8 | 2.4.8 |
Remediation & Mitigation
Do now
TIM 1531 IRC
HARDENING: Restrict network access to TIM 1531 IRC devices using firewall rules; ensure they are not directly reachable from the internet or business network
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
SIPLUS TIM 1531 IRC
HOTFIX: Update SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) to firmware version 2.4.8 or later
HOTFIX: Update SIPLUS TIM 1531 IRC (6GK7543-1MX00-0XE0) to firmware version 2.4.8 or later
Long-term hardening
TIM 1531 IRC
HARDENING: Place TIM 1531 IRC devices behind firewall and isolate from business networks
All products
HARDENING: If remote access is required, use VPN with current security updates
CVEs (32)
CVE-2021-47178, CVE-2022-45919, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1017, CVE-2023-2124, CVE-2023-2269, CVE-2023-21255, CVE-2023-27321, CVE-2023-28319, CVE-2023-35788, CVE-2023-35823, CVE-2023-35824, CVE-2023-35828, CVE-2023-35829, CVE-2023-41910, CVE-2023-50763, CVE-2023-52474, CVE-2024-0775, CVE-2022-1015, CVE-2022-4304, CVE-2022-4450, CVE-2022-39189, CVE-2022-40225, CVE-2022-40303, CVE-2022-40304, CVE-2022-45886, CVE-2022-45887, CVE-2023-0160