Siemens SIMATIC CP
Plan Patch · 7.5 · ICS-CERT ICSA-24-319-11 · Nov 12, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
SIMATIC CP 1543-1 V4.0 firmware versions 4.0.44 through 4.0.49 contain an Incorrect Authorization vulnerability (CWE-863) that allows unauthenticated network attackers to access the device filesystem on port 8448/tcp. This could expose sensitive files including configuration data and credentials. Siemens has released firmware version 4.0.50 to address the issue.
What this means
What could happen
An unauthenticated attacker with network access to port 8448 could read files from the device's filesystem, potentially exposing configuration data, passwords, or operational parameters that could be used in further attacks on your control network.
Who's at risk
Organizations running Siemens SIMATIC CP 1543-1 devices on industrial networks, particularly those used in water utilities, wastewater systems, and electric utilities for communication and I/O management. This includes any facility where the CP 1543-1 serves as a network communication module for PLCs and remote I/O devices.
How it could be exploited
An attacker on the network sends unauthenticated requests to port 8448/tcp on the SIMATIC CP 1543-1 device. Due to the authorization vulnerability, the device grants access to the filesystem without requiring credentials. The attacker can then browse and download sensitive files.
Prerequisites
- Network access to port 8448/tcp on the affected device
- SIMATIC CP 1543-1 V4.0 running firmware version 4.0.44 through 4.0.49
- No credentials required
remotely exploitable · no authentication required · low complexity · affects communication infrastructure
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product: SIMATIC CP 1543-1 V4.0
Affected Versions: ≥ V4.0.44 | < V4.0.50
Fix Status: 4.0.50
Remediation & Mitigation
Do now
- WORKAROUND: Restrict network access to port 8448/tcp to only trusted systems and management workstations using firewall rules
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update SIMATIC CP 1543-1 V4.0 to firmware version 4.0.50 or later
Long-term hardening
- HARDENING: Place the CP 1543-1 device on a segregated industrial control network isolated from business networks and the Internet
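To prioritise the steps above, the following added example (not part of the advisory or of any Siemens tooling) checks an asset inventory against the affected firmware range and lists sources outside the trusted management networks that reached 8448/tcp on affected devices. The inventory, the flow-record format (`src dst proto dport`) and all addresses are constructed assumptions, and the inventory is assumed to contain only CP 1543-1 V4.0 modules.

```python
import ipaddress
import re

# Affected range from the advisory: 4.0.44 <= firmware < 4.0.50 (fixed in 4.0.50).
FIRST_AFFECTED = (4, 0, 44)
FIRST_FIXED = (4, 0, 50)
PORT = 8448

def parse_version(text):
    """Turn 'V4.0.46' or '4.0.46' into (4, 0, 46); raise ValueError otherwise."""
    m = re.fullmatch(r"[Vv]?\s*(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(p) for p in m.groups())

def is_affected(firmware):
    return FIRST_AFFECTED <= parse_version(firmware) < FIRST_FIXED

def audit(inventory, flows, trusted_nets):
    """Map each affected device to the untrusted sources seen on 8448/tcp."""
    trusted = [ipaddress.ip_network(n) for n in trusted_nets]
    affected = {ip for ip, fw in inventory.items() if is_affected(fw)}
    findings = {ip: set() for ip in affected}
    for line in flows:
        src, dst, proto, dport = line.split()
        if dst in affected and proto == "tcp" and int(dport) == PORT:
            if not any(ipaddress.ip_address(src) in net for net in trusted):
                findings[dst].add(src)
    return {ip: sorted(srcs) for ip, srcs in findings.items()}

# Constructed sample data (hypothetical hosts, not from the advisory).
INVENTORY = {"10.10.1.5": "V4.0.46", "10.10.1.6": "V4.0.50", "10.10.1.7": "4.0.44"}
FLOWS = [
    "10.10.9.20 10.10.1.5 tcp 8448",     # management workstation, trusted
    "192.168.40.17 10.10.1.5 tcp 8448",  # office LAN host, not trusted
    "192.168.40.17 10.10.1.6 tcp 8448",  # device already on 4.0.50, ignored
    "192.168.40.17 10.10.1.7 tcp 102",   # different port, ignored
]
TRUSTED = ["10.10.9.0/24"]

if __name__ == "__main__":
    for device, sources in sorted(audit(INVENTORY, FLOWS, TRUSTED).items()):
        print(device, "untrusted 8448/tcp sources:", sources or "none")
```

Affected devices with a non-empty source list are the ones where the firewall restriction is not yet effective and should be handled first.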
CVEs (1)
API:
/api/v1/advisories/fe7a8701-f1eb-48bb-8182-33b4c2e38cad