OTPulse

Siemens Spectrum Power 4

Plan Patch · CVSS 8.8 · ICS-CERT ICSA-25-317-12 · Nov 13, 2025
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

Siemens Spectrum Power 4 versions prior to V4.70 SP12 Update 2 contain vulnerabilities (CWE-648, CWE-266, CWE-732, CWE-829) that allow an authenticated attacker to remotely execute code as application administrator or escalate privileges to operating system administrator level. The vulnerabilities are related to improper access control, privilege assumptions, and insecure file permissions. Successful exploitation could compromise the integrity and availability of power system monitoring and control functions.

What this means
What could happen
An attacker with valid application-level credentials could remotely execute arbitrary commands with administrator privileges on Spectrum Power 4, potentially disrupting power system monitoring, control, or data integrity across the utility's operations.
Who's at risk
This affects electric utility operators who run Siemens Spectrum Power 4 for power system monitoring and control. Any organization using Spectrum Power 4 versions before V4.70 SP12 Update 2 for SCADA operations, energy management, or power grid analysis should prioritize this update.
How it could be exploited
An attacker with valid Spectrum Power 4 application credentials and network access to the system could exploit an improper access control or privilege escalation vulnerability to execute arbitrary code remotely as application administrator. From there, escalation to OS-level administrative access is possible, allowing full system compromise.
Prerequisites
  • Valid Spectrum Power 4 application credentials (user account with application access)
  • Network access to Spectrum Power 4 on the application port
  • Vulnerability exists in versions prior to V4.70 SP12 Update 2
  • Remotely exploitable with valid credentials
  • High CVSS score (8.8)
  • Affects authentication and access control
  • Remote code execution possible
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Spectrum Power 4: <V4.70_SP12_Update_2 | <V4.70 SP12 Update 2 | 4.70 SP12 Update 2
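An added example, not part of the advisory or of any Siemens tooling: a version check for triaging an asset inventory against the fixed release listed above. It assumes version strings follow the layout shown on this page and order by release, service pack, then update; the host names and inventory are constructed.

```python
import re

# Fixed release named in the advisory: V4.70 SP12 Update 2.
FIXED = (4, 70, 12, 2)

# Assumed layout, based on the strings on this page:
#   [V]<major>.<minor> [SP<n>] [Update <n>], separated by spaces or underscores.
_VERSION_RE = re.compile(
    r"^\s*V?(\d+)\.(\d+)(?:[\s_]+SP[\s_]*(\d+))?(?:[\s_]+Update[\s_]*(\d+))?\s*$",
    re.IGNORECASE,
)

def parse_version(text):
    """Return (major, minor, service_pack, update); missing parts count as 0."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g) if g else 0 for g in m.groups())

def is_affected(text):
    """True when the version sorts before the fixed release."""
    return parse_version(text) < FIXED

def triage(inventory):
    """Map each host to 'affected', 'fixed' or 'review' (unparseable)."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "fixed"
        except ValueError:
            result[host] = "review"  # never treat an unknown string as safe
    return result

# Constructed inventory; host names and versions are illustrative only.
SAMPLE_INVENTORY = {
    "sp4-main": "V4.70 SP12 Update 1",
    "sp4-backup": "V4.70_SP12_Update_2",
    "sp4-test": "4.70 SP11",
    "sp4-lab": "V4.70 SP12",
    "sp4-old": "unknown build",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Entries marked "review" need a manual check of the installed version before they are counted as patched.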
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to Spectrum Power 4 using firewall rules to limit connectivity to authorized administration workstations and control systems only
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Spectrum Power 4 to version V4.70 SP12 Update 2 or later
Long-term hardening
HARDENING: Segment Spectrum Power 4 systems behind a firewall and isolate from business network connectivity
HARDENING: Implement VPN access for any remote administration of Spectrum Power 4, keeping VPN software updated to the latest version