Vulnerabilities in the SIPROTEC 5 series include Cleartext storage of sensitive information (CVE-2024-53651), which has a CVSS v3 base score of 4.6. Mitigation involves firmware updates and restricting network access. This SCADA management software contains vulnerabilities including OS Command Injection CVE-2025-25067, Missing Authentication for Critical Function CVE-2025-24865, Cleartext Storage of Sensitive Information CVE-2025-22896 , Cross-Site Request Forgery (CSRF) CVE-2025-23411. This advisory highlights Observable Discrepancy (CVE-2023-37482) across the broader SIMATIC product line with a CVSS v3 base score of 5.3. Siemens recommends applying security patches and isolating devices from external networks. CISA urges all users, administrators, and organizations relying on these ICS products to review the advisories thoroughly, apply vendor-recommended patches, and implement robust security measures such as network segmentation and strong authentication protocols to mitigate risks effectively. The RUGGEDCOM APE1808 networking devices are vulnerable to DoS condition, machine-in-the middle attack (MITM), escalate privileges, execute unauthorized code, and access unauthorized systems and information. Vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device tracked as (CVE-2024-54015). A few vulnerabilities include improper restriction of communication channels to intended endpoints, improper resource shutdown or Release, inadequate encryption strength, and race condition. This advisory addresses vulnerabilities in Siemens’ widely used programmable logic controllers (PLCs) which includes improper resource shutdown or release (CVE-2022-38465) and improper validation of syntactic correctness of input (CVE-2025-24811). Although primarily a medical IoT device, this advisory highlights risks such as exposure of private personal information to an unauthorized actor CVE-2025-20615, uncaught exception CVE-2025-24836 and files or directories accessible to external parties CVE-2025-23421. These vulnerabilities could enable an attacker to execute remote code or allow a malicious site administrator to change passwords for users. Questa and ModelSim simulation tools are affected by vulnerabilities tracked as CVE-2024-53977, Uncontrolled search path element causing elevation of privileges. Siemens Teamcenter, a product lifecycle management software, contains a flaw tracked as CVE-2025-23363 Url Redirection to an untrusted site (‘open Redirect’). Dingtian DT-R0 series devices have been identified with authentication Bypass Using an Alternate Path or Channel tracked as CVE-2025-1283. These monitoring tools for industrial PCs have vulnerability tracked as CVE-2025-23403, incorrect permission assignment for critical resource causing privilege escalation. Use of GET request method with sensitive Query Strings CVE-2025-26473, exposure of sensitive information to an unauthorized actor CVE-2025-25281, command injection CVE-2025-24861.
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 14 Feb 2025 13:40:12 +0000