OTPulse
FeedAboutContact

Information Disclosure vulnerability in SINEMA Remote Connect Client before V3.1 SP1

Plan Patch7.6SSA-653855Mar 12, 2024
Attack VectorNetwork
Auth RequiredLow
ComplexityLow
User InteractionRequired
Summary

SINEMA Remote Connect Client before V3.1 SP1 contains an information disclosure vulnerability (CWE-538) that allows authenticated attackers to access sensitive data stored locally on the client workstation. This could expose credentials or configuration information used for remote access to industrial control systems. The vulnerability requires valid user credentials and some form of user interaction or local access to the affected workstation.

What this means
What could happen
An attacker with valid login credentials could view sensitive information stored locally on an engineering workstation running SINEMA Remote Connect Client, potentially exposing credentials or configuration details for remote access to industrial systems.
Who's at risk
Siemens automation engineers and operators who use SINEMA Remote Connect Client for remote access to PLCs, HMIs, and industrial gateways should update immediately. This affects any organization managing Siemens industrial systems that rely on remote engineering access.
How it could be exploited
An attacker who has obtained valid credentials for the SINEMA Remote Connect Client could log in and read sensitive data stored unprotected in the client's local files or memory. This requires the attacker to have interactive access to the workstation or to trick a legitimate user into opening a malicious file via the user interaction requirement.
Prerequisites
  • Valid login credentials for SINEMA Remote Connect Client
  • Local or interactive access to the engineering workstation, or ability to trick a user to perform an action
  • SINEMA Remote Connect Client version earlier than V3.1 SP1 installed
Remotely exploitableRequires valid credentialsLow complexity attackAffects engineering workstations and remote access infrastructureLow EPSS score but actively disclosed
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
ProductAffected VersionsFix Status
SINEMA Remote Connect ClientAll versions < V3.1 SP13.1 SP1
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SINEMA Remote Connect Client to version V3.1 SP1 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/725e680a-b1ae-4b1a-b689-98f3adbb14d1
Information Disclosure vulnerability in SINEMA Remote Connect Client before V3.1 SP1 | CVSS 7.6 - OTPulse