Siemens Industrial Edge Devices
Act Now9.8ICS-CERT ICSA-25-100-04Apr 8, 2025
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
Siemens Industrial Edge Devices contain a weak authentication vulnerability (CWE-1390) that allows an unauthenticated remote attacker to circumvent authentication mechanisms and impersonate legitimate users. Affected products include Industrial Edge Own Device (IEOD), Industrial Edge Virtual Device, SIMATIC IPC BX-39A, BX-59A, IPC127E, IPC227E, IPC427E, IPC847E Industrial Edge Devices, and SCALANCE LPE9413 managed switch. Siemens has released updated firmware versions for most products but no fix is available for SCALANCE LPE9413 and SIMATIC IPC427E.
What this means
What could happen
An unauthenticated attacker with network access to an affected Industrial Edge Device could bypass authentication and impersonate a legitimate user, gaining the ability to run arbitrary commands, alter process parameters, or disrupt production operations on connected industrial equipment.
Who's at risk
Manufacturing facilities using Siemens Industrial Edge Devices for process automation, particularly those running IEOD, SIMATIC IPC BX-series, or SIMATIC IPC12/22/42/84-series edge controllers in production environments. Operators of SCALANCE LPE9413 managed switches integrated with these systems are also affected.
How it could be exploited
An attacker on the network sends specially crafted requests to the Industrial Edge Device's authentication mechanism. Because authentication is weak (CWE-1390), the device accepts the request without valid credentials. The attacker then impersonates a legitimate administrator and issues commands to connected PLCs or process controllers to alter setpoints, stop operations, or modify production logic.
Prerequisites
- Network access to the Industrial Edge Device (no internet access required if device is on plant network)
- No valid user credentials needed
Remotely exploitableNo authentication requiredLow complexity attackHigh CVSS score (9.8)Affects operational technology systemsNo patch available for SCALANCE LPE9413
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (9)
8 with fix1 EOL
ProductAffected VersionsFix Status
Industrial Edge Own Device (IEOD)<V1.21.1-1-a1.21.1-1-a
Industrial Edge Virtual Device<V1.21.1-1-a1.21.1-1-a
SIMATIC IPC BX-39A Industrial Edge Device<V3.03.0
SIMATIC IPC BX-59A Industrial Edge Device<V3.03.0
SIMATIC IPC127E Industrial Edge Device<V3.03.0
SIMATIC IPC227E Industrial Edge Device<V3.03.0
SIMATIC IPC427E Industrial Edge Device<V3.03.0
SCALANCE LPE9413All versionsNo fix (EOL)
Remediation & Mitigation
0/6
Do now
0/1WORKAROUNDRestrict network access to Industrial Edge Devices to trusted parties and engineering workstations only using firewall rules or network segmentation
Schedule — requires maintenance window
0/3Patching may require device reboot — plan for process interruption
Industrial Edge Own Device (IEOD)
HOTFIXUpdate Industrial Edge Own Device (IEOD) to version 1.21.1-1-a or later
Industrial Edge Virtual Device
HOTFIXUpdate Industrial Edge Virtual Device to version 1.21.1-1-a or later
All products
HOTFIXUpdate SIMATIC IPC BX-39A, BX-59A, IPC127E, IPC227E, IPC847E Industrial Edge Devices to version 3.0 or later
Mitigations - no patch available
0/2SCALANCE LPE9413 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGIsolate Industrial Edge Device networks from the internet and business networks using air gaps, firewalls, or VLANs
HARDENINGImplement network segmentation and access controls to limit which devices can communicate with affected Industrial Edge Devices
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/c76d741f-1bfe-4988-9382-126a4e21057b