Siemens Mendix SAML Module

Action: Plan Patch | CVSS 8.2 | ICS-CERT ICSA-25-231-02 | Aug 12, 2025
Vendor: Siemens | Sectors: Energy, Manufacturing
Attack path
  • Attack Vector: Local
  • Auth Required: High
  • Complexity: Low
  • User Interaction: None needed
Summary

A vulnerability in the WIBU Systems CodeMeter Runtime component affects multiple Siemens building automation and power management products. The vulnerability could allow a user with high-level privileges to escalate their access on the affected system. Affected product families include Desigo CC (V5.0 through V8), SENTRON Powermanager (V5 through V8), SIMATIC PDM Maintenance Station (V5.0), and SIMATIC WinCC OA (V3.18, V3.19, V3.20). Siemens has released patches for recent versions (V8 and V3.18–V3.20) and recommends enabling encryption and restricting network access as immediate mitigations. Older versions (V5.0–V7) will not receive patches and must rely on network controls and encryption settings.

What this means
What could happen
An authenticated user with high-level privileges on a Desigo CC, SENTRON Powermanager, or SIMATIC WinCC OA system could exploit a vulnerability in the CodeMeter Runtime component to escalate their access or execute unauthorized administrative commands on the building/power management control system.
Who's at risk
Organizations operating Siemens building automation and power management systems should prioritize this advisory. Specifically: facility managers running Desigo CC for HVAC and building controls (versions V5.0–V8); utilities operating SENTRON Powermanager for electrical distribution control (versions V5–V8); and plants using SIMATIC WinCC OA for SCADA visualization and PDM systems for instrument maintenance. All energy and manufacturing sectors relying on these Siemens control platforms are affected.
How it could be exploited
An attacker with local access to an affected system and high-level credentials (engineer or administrator) could manipulate the CodeMeter Runtime component to gain further privilege escalation. The attack requires high complexity and cannot be executed remotely; the attacker must have both network access to the device and valid high-privilege credentials.
Prerequisites
  • Local or direct network access to the affected device
  • High-privilege credentials (engineer or administrator account)
  • Configuration without encryption enabled (UseEncryption disabled)
Key facts
  • Requires high-privilege credentials
  • No active exploitation reported
  • Vendor has released patches for recent versions
  • End-of-life products (V5.0–V7) will not be patched
  • Affects centralized control systems for critical building and power infrastructure
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (13)
5 with fix, 8 EOL
Product | Affected Versions | Fix Status
Desigo CC family V8 | < V8.0 QU2 | 8.0 QU2
Desigo CC family V5.0 | All versions | No fix (EOL)
Desigo CC family V5.1 | All versions | No fix (EOL)
Desigo CC family V6 | All versions | No fix (EOL)
Desigo CC family V7 | All versions | No fix (EOL)
SENTRON Powermanager V6 | All versions | No fix (EOL)
SENTRON Powermanager V8 | < V8.0 QU2 | 8.0 QU2
SIMATIC PDM Maintenance Station V5.0 | All versions | No fix (EOL)
Remediation & Mitigation
Do now
  • HARDENING: Ensure UseEncryption is enabled in all affected Desigo CC, SENTRON Powermanager, and SIMATIC PDM Maintenance Station configurations
  • HARDENING: Restrict network access to affected devices to authorized engineer and administrative workstations only
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

SENTRON Powermanager V8
  • HOTFIX: Update SENTRON Powermanager V8 to 8.0 QU2 or later
SIMATIC WinCC OA V3.18
  • HOTFIX: Update SIMATIC WinCC OA V3.18 to patch level 032 or later
SIMATIC WinCC OA V3.19
  • HOTFIX: Update SIMATIC WinCC OA V3.19 to patch level 020 or later
SIMATIC WinCC OA V3.20
  • HOTFIX: Update SIMATIC WinCC OA V3.20 to patch level 008 or later
All products
  • HOTFIX: Update Mendix SAML module to v3.6.21 or later if running the Mendix 9.24 compatible version
  • HOTFIX: Update Mendix SAML module to v4.0.3 or later if running the Mendix 10.12 compatible version
  • HOTFIX: Update Mendix SAML module to v4.1.2 or later if running the Mendix 10.21 compatible version
  • HOTFIX: Update Desigo CC V8 to 8.0 QU2 or later