Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor
Monitor 7 | ICS-CERT ICSA-25-044-12 | Feb 11, 2025
Attack Vector: Local
Auth Required: Low
Complexity: High
User Interaction: None needed
Summary
SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor contain a weak registry permission vulnerability (CWE-732) that allows an authenticated local attacker to perform privilege escalation or bypass security measures. The vulnerability affects all versions of both products, and no vendor fix is available. Siemens recommends network protection mechanisms and adherence to their operational security guidelines for Industrial Security.
What this means
What could happen
An authenticated attacker with local access to an IPC could escalate privileges or bypass built-in security controls, potentially allowing unauthorized modification of diagnostic or monitoring configurations or access to protected system functions.
Who's at risk
Water utilities and municipal power systems using Siemens SIMATIC IPC edge/gateway devices for diagnostics and monitoring should be concerned. These devices often run diagnostic and performance monitoring tools that should be restricted to authorized personnel only. Facilities using DiagBase or DiagMonitor for troubleshooting or condition monitoring are affected.
How it could be exploited
An attacker with a local user account on the IPC could modify registry permissions on the DiagBase or DiagMonitor installation to gain elevated privileges, allowing them to bypass access controls or alter diagnostic and monitoring settings that should be restricted.
Prerequisites
- Local user account on the SIMATIC IPC
- Physical or remote access to the IPC operating system
- DiagBase or DiagMonitor installed on the IPC
- Low complexity exploitation
- Weak permissions vulnerability
- No patch available
- Affects diagnostic and security-critical functions
- Requires local access but chains with other vulnerabilities
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 EOL
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| SIMATIC IPC DiagBase | All versions | No fix (EOL) |
| SIMATIC IPC DiagMonitor | All versions | No fix (EOL) |
Remediation & Mitigation
Do now
SIMATIC IPC DiagBase
WORKAROUND: Manually audit and restrict registry permissions on SIMATIC IPC DiagBase and DiagMonitor installation directories to ensure only authorized administrators can modify them
All products
HARDENING: Apply network segmentation and access controls to restrict who can log into SIMATIC IPC devices; use firewall rules and VPN access where possible
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HARDENING: Enforce strong local user account policies (strong passwords, account lockout, minimal privilege) on all SIMATIC IPCs running DiagBase or DiagMonitor
Mitigations - no patch available
The following products have reached End of Life with no planned fix: SIMATIC IPC DiagBase, SIMATIC IPC DiagMonitor. Apply the following compensating controls:
HARDENING: Follow Siemens operational guidelines for Industrial Security to configure the IPC environment securely
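The registry-permission audit named in the workaround can be scripted. The PowerShell below is an added example, not code from Siemens or the advisory: it lists every effective allow ACE under a key that gives a non-administrative principal write, delete or ACL-change rights. The key paths are placeholders (the advisory does not name the affected keys), and the trusted-principal list and the function name `Get-WeakRegistryAce` are assumptions.

```powershell
# Added example, not vendor code. The advisory does not name the affected keys,
# so these paths are placeholders to replace with the keys found on the IPC.
$RootKeys = @(
    'HKLM:\SOFTWARE\<DiagBase-key-placeholder>',
    'HKLM:\SOFTWARE\<DiagMonitor-key-placeholder>'
)
# Principals allowed to hold write access (assumption; adjust to site policy).
$Trusted = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'NT SERVICE\TrustedInstaller')

# Rights that let a principal change the key's content or its ACL.
$WriteMask = [int][System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, CreateLink, Delete, ChangePermissions, TakeOwnership'
# GENERIC_WRITE | GENERIC_ALL: some ACEs store unmapped generic bits instead.
$GenericMask = 0x50000000

function Get-WeakRegistryAce {
    param([string[]]$Path, [string[]]$TrustedPrincipal)
    foreach ($root in $Path) {
        if (-not (Test-Path -LiteralPath $root)) {
            Write-Warning "Key not found: $root"
            continue
        }
        # The root key itself plus every subkey beneath it.
        $keys = @(Get-Item -LiteralPath $root) +
                @(Get-ChildItem -LiteralPath $root -Recurse -ErrorAction SilentlyContinue)
        foreach ($key in $keys) {
            foreach ($ace in (Get-Acl -LiteralPath $key.PSPath).Access) {
                # Inherit-only ACEs do not apply to this key; children are checked on their own.
                $inheritOnly = $ace.PropagationFlags -band
                    [System.Security.AccessControl.PropagationFlags]::InheritOnly
                if ($ace.AccessControlType -ne 'Allow' -or $inheritOnly) { continue }
                if ($TrustedPrincipal -contains $ace.IdentityReference.Value) { continue }
                $rights = [int]$ace.RegistryRights
                if (($rights -band $WriteMask) -or ($rights -band $GenericMask)) {
                    [pscustomobject]@{
                        Key       = $key.Name
                        Principal = $ace.IdentityReference.Value
                        Rights    = $ace.RegistryRights
                        Inherited = $ace.IsInherited
                    }
                }
            }
        }
    }
}

Get-WeakRegistryAce -Path $RootKeys -TrustedPrincipal $Trusted | Format-Table -AutoSize
```

Run it from an elevated session so that every subkey's ACL is readable. An empty result means no principal outside the trusted list holds write-class rights on the audited keys.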
CVEs (1)