Multiple Vulnerabilities in SINEMA Remote Connect Client Before V3.2 SP2

Act Now9.8SSA-417159Sep 10, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

SINEMA Remote Connect Client before V3.2 SP2 contains multiple vulnerabilities including use-after-free (CWE-416), improper input validation (CWE-20), certificate validation bypass (CWE-295), improper certificate validation (CWE-297), and insecure crypto implementation (CWE-613). These flaws allow remote attackers to execute code, compromise credentials, or deny service without requiring authentication or user interaction.

What this means

What could happen

Multiple vulnerabilities in SINEMA Remote Connect Client could allow an attacker to gain remote code execution, steal credentials, or cause denial of service. This could disrupt secure remote access to critical control systems and engineering workstations.

Who's at risk

Utilities and manufacturers using SINEMA Remote Connect Client for secure remote access to engineering workstations, HMIs, or PLCs. This affects IT and automation engineers who rely on this software for remote administration of industrial control systems.

How it could be exploited

An attacker can exploit these vulnerabilities over the network without authentication or user interaction. The attack could target the Remote Connect Client software running on engineering workstations or jump hosts, allowing execution of arbitrary commands or interception of encrypted communications.

Prerequisites

Network access to the system running SINEMA Remote Connect Client
SINEMA Remote Connect Client version before V3.2 SP2 installed and running

remotely exploitableno authentication requiredlow complexityhigh CVSS score (9.8)

Exploitability

Moderate exploit probability (EPSS 2.0%)

Affected products (1)

ProductAffected VersionsFix Status

SINEMA Remote Connect ClientAll versions < V3.2 SP23.2 SP2

Remediation & Mitigation

0/1

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SINEMA Remote Connect Client to version V3.2 SP2 or later

CVEs (7)

CVE-2023-46850 CVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 CVE-2024-32006 CVE-2024-42344

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/a44f6ffa-e8aa-41a8-bf34-7b191ec3cbe0