OTPulse
FeedAboutContact

Code Execution Vulnerability in SINEMA Remote Connect Client

Plan Patch7.8SSA-816035Aug 19, 2021
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary

SINEMA Remote Connect Client versions prior to 3.0 SP1 contain a privilege escalation vulnerability (CWE-15) that could allow a local attacker with user-level access to escalate their privileges or execute arbitrary code on the affected system. This could compromise the security of remote connections to industrial control systems.

What this means
What could happen
A user with local access to a machine running SINEMA Remote Connect Client could escalate their privileges or execute arbitrary code on that system, potentially compromising access to remote industrial networks and control systems.
Who's at risk
Engineering and operations teams who use SINEMA Remote Connect Client to manage remote access to Siemens industrial control systems, including water treatment facilities, power generation, and manufacturing automation environments. Any organization using this software as a gateway to critical infrastructure.
How it could be exploited
An attacker with a local user account on a workstation running SINEMA Remote Connect Client (versions before 3.0 SP1) can exploit a privilege escalation vulnerability to gain elevated privileges or execute code with system-level access. The attack requires interactive access to the affected workstation.
Prerequisites
  • Local user account on the workstation running SINEMA Remote Connect Client
  • Vulnerable version of SINEMA Remote Connect Client (below 3.0 SP1) must be installed
low complexity privilege escalationaffects engineering workstationspotential gateway to industrial networks
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
SINEMA Remote Connect Client< V3.0 SP13.0 SP1
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SINEMA Remote Connect Client to version 3.0 SP1 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/f1fba7e0-d3ed-4ead-b86f-835eceff0b7e
Code Execution Vulnerability in SINEMA Remote Connect Client | CVSS 7.8 - OTPulse