Multiple Vulnerabilities in SINEMA Remote Connect Client before V3.2 HF1

Plan Patch7.8SSA-868282Jul 9, 2024

Attack VectorLocal

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

SINEMA Remote Connect Client before V3.2 HF1 is affected by multiple vulnerabilities including command injection flaws (CWE-77) that allow local attackers to execute arbitrary commands with the privileges of the logged-in user. The vulnerability has a CVSS score of 7.8 and is rated as exploitable with proof of concept available.

What this means

What could happen

An attacker with local access to a system running SINEMA Remote Connect Client could execute commands or modify files with the privileges of the logged-in user, potentially gaining unauthorized access to remote industrial systems or disrupting remote connectivity to critical infrastructure.

Who's at risk

This affects engineering and operations teams at utilities and industrial facilities that use SINEMA Remote Connect Client for remote access to industrial control systems, SCADA platforms, and other critical infrastructure. Anyone managing remote connections to substations, water treatment plants, or manufacturing facilities should verify their client version.

How it could be exploited

An attacker with local access to an engineering workstation could exploit a command injection vulnerability in SINEMA Remote Connect Client to execute arbitrary commands. This could allow them to modify connection configurations, intercept credentials used for remote access to industrial systems, or pivot to connected devices.

Prerequisites

Local access to the workstation running SINEMA Remote Connect Client
User-level privileges on the affected system

Low complexity attackRequires local accessCWE-77 (Improper Neutralization of Special Elements used in a Command)Affects remote access security to critical systems

Exploitability

Moderate exploit probability (EPSS 2.1%)

Affected products (1)

ProductAffected VersionsFix Status

SINEMA Remote Connect ClientAll versions < V3.2 HF13.2 HF1

Remediation & Mitigation

0/1

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SINEMA Remote Connect Client to version 3.2 HF1 or later

CVEs (3)

CVE-2024-39567 CVE-2024-39568 CVE-2024-39569

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/c76a860a-58fb-4f4f-8da8-8ea22c5dc3eb