Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2

Act Now9.8SSA-576771Mar 12, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

SINEMA Remote Connect Server before V3.2 contains multiple vulnerabilities (CWE-79 cross-site scripting, CWE-284 improper access control) that allow unauthenticated remote attackers to compromise the server. The vulnerabilities enable code injection and bypass of access restrictions.

What this means

What could happen

An attacker with network access could exploit these vulnerabilities to gain unauthorized access to SINEMA Remote Connect Server, potentially allowing them to intercept remote management sessions or execute commands on the server itself, which could compromise your ability to remotely manage and maintain Siemens industrial equipment.

Who's at risk

Organizations operating Siemens remote management infrastructure should care about this vulnerability. It affects SINEMA Remote Connect Server, which is used by utilities and manufacturers to remotely manage and configure industrial equipment (PLCs, drives, HMIs). Water authorities and electric utilities using Siemens SCADA systems for remote engineering access are directly impacted.

How it could be exploited

An attacker on the network can send specially crafted requests to the unauthenticated SINEMA Remote Connect Server service. The lack of authentication and input validation allows the attacker to inject code or bypass access controls without needing valid credentials or special knowledge of your network setup.

Prerequisites

Network access to SINEMA Remote Connect Server
Server must be reachable from attacker's network
No authentication required

Remotely exploitableNo authentication requiredLow complexity attackHigh CVSS score (9.8)Affects remote management capabilities

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

SINEMA Remote Connect Server<V3.13.1

SINEMA Remote Connect Server<V3.23.2

Remediation & Mitigation

0/2

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

SINEMA Remote Connect Server

HOTFIXUpdate SINEMA Remote Connect Server to version 3.1 or later

HOTFIXUpdate SINEMA Remote Connect Server to version 3.2 or later

CVEs (2)

CVE-2020-23064 CVE-2022-32257

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/bb3712a0-6bbd-4760-9c7f-12bf5188eb92