Multiple Vulnerabilities in INTRALOG WMS Before V4

Plan Patch8SSA-417547Aug 13, 2024

Attack VectorAdjacent

Auth RequiredNone

ComplexityHigh

User InteractionNone needed

Summary

INTRALOG WMS before V4 contains vulnerabilities in SQL Client-Server communication (CWE-319: cleartext transmission of sensitive information) and in the .NET framework (CWE-122: heap-based buffer overflow). An unauthenticated attacker on the INTRALOG WMS network can decrypt and modify client-server communications or execute arbitrary code on application servers. Siemens has released V4 and recommends immediate update. Contact your Siemens support representative with SSA-417547 and your installed version to coordinate remediation.

What this means

What could happen

An unauthenticated attacker with network access to the INTRALOG WMS infrastructure could decrypt and modify communication between WMS clients and servers, potentially leading to arbitrary code execution on application servers and unauthorized changes to warehouse management operations.

Who's at risk

Warehouse and logistics operations using INTRALOG WMS (Siemens warehouse management system) in versions prior to V4. This affects facility managers, distribution centers, and manufacturing plants relying on INTRALOG WMS for inventory tracking and order fulfillment.

How it could be exploited

An attacker positioned on the INTRALOG WMS network (such as a compromised workstation or through network segmentation breach) could intercept unencrypted or weakly encrypted SQL and .NET communications between the WMS client and server. By decrypting this traffic and crafting malicious packets, the attacker could modify warehouse management commands or inject code execution payloads.

Prerequisites

Network access to INTRALOG WMS infrastructure (AV:A indicates adjacent network required)
No authentication required for exploitation
Device must be running INTRALOG WMS version prior to V4

Remotely exploitable from adjacent networkNo authentication requiredWeak cryptography in client-server communicationLow complexity attack (CWE-319: cleartext transmission)No patch available until upgrade windowCould affect warehouse operations and data integrity

Exploitability

Low exploit probability (EPSS 0.9%)

Affected products (1)

ProductAffected VersionsFix Status

INTRALOG WMS<V44 or later version

Remediation & Mitigation

0/3

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade INTRALOG WMS to version 4 or later

Long-term hardening

0/2

HARDENINGImplement network segmentation to restrict client-server communication to authorized subnets only

HARDENINGMonitor network traffic for anomalous SQL or .NET communication patterns

CVEs (2)

CVE-2024-0056 CVE-2024-30045

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/2525f66c-c6f9-4de7-aba6-a001ca122639