Siemens SIMATIC CP

Plan Patch | CVSS 7.5 | ICS-CERT ICSA-24-319-11 | Nov 12, 2024
Siemens
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

SIMATIC CP 1543-1 devices running firmware V4.0.44 through V4.0.49 contain an incorrect authorization vulnerability on port 8448/tcp. An unauthenticated attacker with network access can bypass authentication controls and read files from the device's filesystem. Siemens has released firmware version 4.0.50 to correct this issue.

What this means
What could happen
An unauthenticated attacker with network access to the CP 1543-1 could read files on the device's filesystem, potentially exposing configuration data, credentials, or other sensitive operational information.
Who's at risk
Water utilities and municipal electric utilities operating Siemens SIMATIC CP 1543-1 communication processors (specifically V4.0 firmware versions 4.0.44–4.0.49) that use port 8448/tcp for management or data transfer. This device is typically used for network communication and data logging in SCADA and process control systems.
How it could be exploited
An attacker with network access to port 8448/tcp on the SIMATIC CP 1543-1 can exploit an authorization flaw to bypass authentication and access the filesystem without providing credentials. The attack requires only network connectivity; no user interaction or special system configuration is needed.
Prerequisites
  • Network access to port 8448/tcp on the SIMATIC CP 1543-1 device
  • Device running SIMATIC CP 1543-1 V4.0 firmware version 4.0.44 through 4.0.49
remotely exploitable, no authentication required, low complexity, affects process control device
Exploitability
Unlikely to be exploited — EPSS score 0.6%
Affected products (1)
Product | Affected Versions | Fix Status
SIMATIC CP 1543-1 V4.0 | ≥ V4.0.44, < V4.0.50 | 4.0.50
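
An added example (not part of the advisory or of any Siemens tooling) that triages an asset inventory against the affected firmware range listed above, comparing versions numerically so that a string such as 4.0.5 is not mistaken for 4.0.50. The inventory records, field names and asset names are constructed for illustration.

```python
import re

# Range from the advisory's affected-products entry: >= V4.0.44 and < V4.0.50.
FIRST_AFFECTED = (4, 0, 44)
FIRST_FIXED = (4, 0, 50)

_VERSION_RE = re.compile(r"^\s*[Vv]?\s*(\d+)\.(\d+)\.(\d+)\s*$")

# Constructed sample inventory (hypothetical asset names and record layout).
INVENTORY = [
    {"name": "pump-station-1", "model": "SIMATIC CP 1543-1", "firmware": "V4.0.44"},
    {"name": "pump-station-2", "model": "SIMATIC CP 1543-1", "firmware": "4.0.49"},
    {"name": "substation-a", "model": "SIMATIC CP 1543-1", "firmware": "V4.0.50"},
    {"name": "substation-b", "model": "SIMATIC CP 1543-1", "firmware": "V4.0.5"},
    {"name": "lab-spare", "model": "SIMATIC CP 1543-1", "firmware": "n/a"},
    {"name": "other-module", "model": "Other module", "firmware": "V4.0.46"},
]


def parse_firmware(text):
    """Parse 'V4.0.44', 'v4.0.44' or '4.0.44' into an int tuple; None if unparseable."""
    match = _VERSION_RE.match(text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def triage(asset):
    """Classify one inventory record as 'affected', 'not affected' or 'unknown'."""
    if "CP 1543-1" not in asset.get("model", ""):
        return "not affected"  # the advisory lists only the CP 1543-1
    version = parse_firmware(asset.get("firmware"))
    if version is None:
        return "unknown"  # check on the device; do not assume it is patched
    # Tuple comparison is numeric per component, unlike comparing the raw strings.
    if FIRST_AFFECTED <= version < FIRST_FIXED:
        return "affected"
    return "not affected"


def report(inventory):
    """Map each asset name to its triage status."""
    return {asset["name"]: triage(asset) for asset in inventory}


if __name__ == "__main__":
    for name, status in report(INVENTORY).items():
        print(f"{name:16} {status}")
```
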
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to port 8448/tcp on the CP 1543-1 to only trusted systems and networks using firewall rules or device configuration
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SIMATIC CP 1543-1 V4.0 devices to firmware version 4.0.50 or later
Long-term hardening
HARDENING: Isolate the CP 1543-1 device behind a firewall to prevent direct internet accessibility

Siemens SIMATIC CP | CVSS 7.5 - OTPulse