Siemens Industrial Edge Device Kit
Act Now
CVSS 9.8
ICS-CERT ICSA-25-105-02
Apr 8, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Industrial Edge Device Kit contains a weak authentication vulnerability (CWE-1390) in multiple versions. An unauthenticated remote attacker can bypass authentication and impersonate a legitimate user. Siemens has released fixed versions for V1.20 (update to 1.20.2-1) and V1.21 (update to 1.21.1-1). Versions 1.17, 1.18, and 1.19 on both arm64 and x86-64 platforms have no fix available. The vulnerability allows unauthorized access to the device without requiring credentials, enabling an attacker to interact with edge applications and compromise data integrity or availability.
What this means
What could happen
An unauthenticated attacker on your network could bypass authentication and impersonate a legitimate user to the Industrial Edge Device, potentially gaining control over edge applications and data processing that support your manufacturing operations.
Who's at risk
This affects manufacturing facilities and OEM vendors that use Siemens Industrial Edge Device Kit as the runtime environment for edge computing applications. Organizations running versions 1.17, 1.18, 1.19, and early versions of 1.20/1.21 on either ARM64 or x86-64 hardware are at risk if their devices are reachable from untrusted networks.
How it could be exploited
An attacker with network access to the Industrial Edge Device exploits a weak authentication mechanism by sending a crafted request that bypasses login validation. Once the check is bypassed, the attacker can interact with the device as a legitimate user without ever providing valid credentials.
Prerequisites
- Network access to the Industrial Edge Device on its management interface
- No credentials required—authentication is bypassed
- Remotely exploitable
- No authentication required
- Low complexity attack
- Affects older versions with no fix available (1.17, 1.18, 1.19)
- High CVSS score (9.8)
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (10)
4 with fix, 6 EOL
Product | Affected Versions | Fix Status
Industrial Edge Device Kit - arm64 V1.18 | All versions | No fix (EOL)
Industrial Edge Device Kit - x86-64 V1.19 | All versions | No fix (EOL)
Industrial Edge Device Kit - arm64 V1.20 | < V1.20.2-1 | 1.20.2-1
Industrial Edge Device Kit - arm64 V1.21 | < V1.21.1-1 | 1.21.1-1
Industrial Edge Device Kit - x86-64 V1.20 | < V1.20.2-1 | 1.20.2-1
Industrial Edge Device Kit - x86-64 V1.21 | < V1.21.1-1 | 1.21.1-1
Industrial Edge Device Kit - arm64 V1.17 | All versions | No fix (EOL)
Industrial Edge Device Kit - arm64 V1.19 | All versions | No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to Industrial Edge Devices to trusted parties only; do not expose them to untrusted networks or the internet
Schedule — requires maintenance window
Patching may require a device reboot; plan for process interruption
HOTFIX: Update Industrial Edge Device Kit arm64 V1.20 to version 1.20.2-1 or later
HOTFIX: Update Industrial Edge Device Kit x86-64 V1.20 to version 1.20.2-1 or later
HOTFIX: Update Industrial Edge Device Kit arm64 V1.21 to version 1.21.1-1 or later
HOTFIX: Update Industrial Edge Device Kit x86-64 V1.21 to version 1.21.1-1 or later
Mitigations - no patch available
The following products have reached End of Life with no planned fix: Industrial Edge Device Kit - arm64 V1.18, Industrial Edge Device Kit - x86-64 V1.19, Industrial Edge Device Kit - arm64 V1.17, Industrial Edge Device Kit - arm64 V1.19, Industrial Edge Device Kit - x86-64 V1.17, Industrial Edge Device Kit - x86-64 V1.18. Apply the following compensating controls:
HARDENING: Isolate Industrial Edge Device networks behind firewalls and keep them separate from business networks
HARDENING: For remote access, use VPN or secure tunneling mechanisms instead of direct exposure
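Added here as a triage helper, not code from the advisory or from Siemens: the following Python classifies each inventory entry against the version thresholds in the Affected products table and the hotfix steps above. It treats the "-1" suffix as a package revision (an assumption about how these version strings compare), so a device reporting 1.20.2 without it is still flagged for update; the inventory is constructed sample data.

```python
import re

# Fixed-version thresholds per (platform, release line) from the advisory's
# "Affected products" table. Lines listed as End of Life get no fix at all.
FIXED_VERSIONS = {
    ("arm64", "1.20"): "1.20.2-1",
    ("x86-64", "1.20"): "1.20.2-1",
    ("arm64", "1.21"): "1.21.1-1",
    ("x86-64", "1.21"): "1.21.1-1",
}
EOL_LINES = {"1.17", "1.18", "1.19"}

def parse_version(ver):
    """Turn 'V1.20.2-1' or '1.20.2' into ((1, 20, 2), revision).
    The dash suffix is assumed to be a package revision; when it is
    missing it counts as 0, so '1.20.2' sorts below the fixed '1.20.2-1'."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)(?:-(\d+))?", ver.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {ver!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts, int(m.group(2) or 0)

def assess(platform, reported_version):
    """Classify one device as 'fixed', 'update', 'eol' or 'unknown'."""
    parts, rev = parse_version(reported_version)
    line = ".".join(str(p) for p in parts[:2])
    if line in EOL_LINES:
        return "eol"          # no patch exists; rely on network isolation
    fixed = FIXED_VERSIONS.get((platform, line))
    if fixed is None:
        return "unknown"      # release line not covered by this advisory
    return "fixed" if (parts, rev) >= parse_version(fixed) else "update"

# Constructed sample inventory (hypothetical device names, not real hosts).
SAMPLE_INVENTORY = [
    ("edge-01", "arm64", "V1.20.2-1"),
    ("edge-02", "x86-64", "1.20.1-3"),
    ("edge-03", "arm64", "1.20.2"),
    ("edge-04", "x86-64", "1.19.5-1"),
    ("edge-05", "arm64", "1.22.0-1"),
]

def triage(inventory):
    return {name: assess(plat, ver) for name, plat, ver in inventory}

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name}: {status}")
```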
CVEs (1)