Authorization Bypass Vulnerability in Industrial Edge
Act Now9.8SSA-692317Sep 14, 2021
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
A vulnerability in Industrial Edge Management allows an unauthenticated attacker to change the password of any user in the system, enabling account takeover and user impersonation.
What this means
What could happen
An attacker could reset any user's password without credentials, gaining full access to Industrial Edge Management and the ability to control connected OT systems, modify configurations, or disable monitoring.
Who's at risk
Manufacturing facilities using Siemens Industrial Edge Management for edge computing and OT process orchestration should prioritize this update. This affects sites that rely on Industrial Edge for monitoring, controlling, or managing connected industrial equipment and sensors.
How it could be exploited
An attacker on the network sends a specially crafted request to the Industrial Edge Management authentication mechanism to change a user's password without providing valid credentials. Once the password is reset, the attacker logs in as that user and gains full system access.
Prerequisites
- Network access to Industrial Edge Management interface
- Affected version (Industrial Edge Management prior to V1.3)
- No credentials required
remotely exploitableno authentication requiredlow complexityhigh CVSS score (9.8)affects management access to OT systems
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
ProductAffected VersionsFix Status
Industrial Edge Management< V1.31.3
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate Industrial Edge Management to version 1.3 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/a94741e7-4c8c-4a6f-aaef-379572ed2764