OTPulse
FeedAboutContact

Insecure File Share Vulnerability in SIMATIC Virtualization as a Service (SIVaaS)

Act Now9.1SSA-534283Sep 9, 2025
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

SIMATIC Virtualization as a Service (SIVaaS) exposes a network file share that requires no authentication to access. An attacker on the network can connect to and read or modify sensitive files without providing credentials. This affects all versions of SIVaaS. Siemens recommends contacting technical support for assistance. No patch is currently available from the vendor.

What this means
What could happen
An attacker with network access to SIVaaS could read or modify sensitive configuration data, backup files, and system information stored on the exposed file share, potentially leading to system compromise or operational disruption of virtualized industrial control systems.
Who's at risk
Any organization running SIMATIC Virtualization as a Service (SIVaaS) for hosting virtualized industrial control systems, including those managing water treatment facilities, power distribution, manufacturing plants, or other critical infrastructure that relies on virtualized SIMATIC PLCs and HMIs.
How it could be exploited
An attacker on the network discovers the SIVaaS file share is accessible without authentication (likely via network enumeration of SMB/CIFS shares). The attacker connects to the share and reads or modifies files, gaining access to configuration details, credentials, or operational data that could be used to compromise the virtualized SIMATIC environment.
Prerequisites
  • Network access to SIVaaS file share (typically SMB/CIFS on port 445)
  • No authentication credentials required
Remotely exploitableNo authentication requiredLow complexityNo patch availableAffects industrial control systems
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
SIMATIC Virtualization as a Service (SIVaaS)All versionsNo fix (EOL)
Remediation & Mitigation
0/3
Do now
0/2
HOTFIXContact Siemens Technical Support for a vendor-supplied patch or configuration workaround
WORKAROUNDRestrict network access to the SIVaaS file share using firewall rules to only authorized administrative workstations and systems that require access
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HARDENINGSegment the SIVaaS system onto a dedicated administrative network separate from production OT systems and general IT networks
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/d571989c-a56e-47c9-8c0c-6c20fc65d19c