Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2

Plan Patch7.8SSA-196737Jun 11, 2024

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

SINEC Traffic Analyzer before V1.2 contains multiple vulnerabilities including buffer overflow (CWE-787), improper authentication (CWE-613), cross-site request forgery (CWE-352), cleartext credential storage (CWE-522), missing authorization (CWE-749), cleartext transmission (CWE-319), insufficient HTTPS validation (CWE-614), and improper input validation (CWE-20). These issues allow local attackers to execute arbitrary code, access credentials, and modify network configuration through user interaction.

What this means

What could happen

An attacker with local access to a workstation running SINEC Traffic Analyzer could execute arbitrary code, modify configuration data, or access sensitive network information, potentially disrupting traffic monitoring and control operations.

Who's at risk

Transportation operators and traffic management systems engineers who use SINEC Traffic Analyzer for network monitoring and analysis on engineering workstations.

How it could be exploited

An attacker with local access to a Windows workstation running SINEC Traffic Analyzer could exploit memory corruption (buffer overflow), weak authentication, or insecure communication mechanisms to execute code or tamper with stored credentials and network traffic data.

Prerequisites

Local access to the workstation where SINEC Traffic Analyzer is installed
User interaction required (vulnerability is triggered by user action)
SINEC Traffic Analyzer version before V1.2

memory corruption vulnerabilityweak credential handlinglocal exploitation requiredaffects traffic monitoring systems

Exploitability

Low exploit probability (EPSS 0.3%)

Affected products (1)

ProductAffected VersionsFix Status

SINEC Traffic Analyzer< V1.21.2

Remediation & Mitigation

0/1

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SINEC Traffic Analyzer to version 1.2 or later

CVEs (8)

CVE-2022-41742 CVE-2024-35206 CVE-2024-35207 CVE-2024-35208 CVE-2024-35209 CVE-2024-35210 CVE-2024-35211 CVE-2024-35212

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/41358738-681c-49f8-892a-ab5b1cc82b48