An improper output neutralization for logs vulnerability, CVE-2024-5594, affects Siemens SINEMA Remote Connect Server. It allows a malicious OpenVPN peer to send garbage to the OpenVPN log or cause high CPU load. The advisory includes missing authentication for critical functions and improper input validation vulnerabilities tracked as CVE-2024-52285, CVE-2025-27493, and CVE-2025-27494. Exploiting these vulnerabilities could allow an unauthorized attacker to read or delete arbitrary files or the entire device file system. The vulnerabilities could allow an attacker to bypass application authentication and gain access to the data managed by the server. Similar to CVE-2025-23397, this vulnerability also relates to improper memory buffer operations and is tracked as CVE-2025-23398. Successful exploitation of this vulnerability could allow an attacker to obtain partial invalid usernames accepted by the server. The issues could allow remote attackers to intercept sensitive communications, gain unauthorized access, and potentially execute arbitrary code. Successful exploitation of this vulnerability could allow an attacker to download untrusted firmware that could damage or compromise the device. Another memory buffer restriction vulnerability, CVE-2025-23400, affects the same applications and enables memory corruption during specially crafted WRL file parsing. Successful exploitation of these vulnerabilities could allow an authenticated attacker to alter the secure boot configuration or to disable the BIOS password. The advisory includes vulnerabilities such as CVE-2025-2230 and CVE-2025-2229 that could allow privilege escalation and arbitrary code execution. This vulnerability could allow attackers to execute arbitrary code in the context of the current process. A NULL pointer dereference vulnerability, CVE-2024-41055, exists in the Linux kernel’s memory management subsystem. This could result in denial-of-service conditions.
It could allow an attacker to execute commands on the device with root privileges and access sensitive data. The advisory includes Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’), which is tracked as CVE-2025-27392, CVE-2025-27393, CVE-2025-27398, and CVE-2025-27394. An Improper Authentication vulnerability was tracked as CVE-2024-56336. The vulnerabilities include an observable timing discrepancy tracked as CVE-2024-42512 and an authentication bypass by primary weakness tracked as CVE-2024-42513. It allows memory corruption through malicious WRL file parsing that could lead to unauthorized code execution. The significant number of vulnerabilities across major industrial systems highlights the ongoing challenge of securing increasingly connected operational technology environments against evolving cyber threats. An out-of-bounds write vulnerability, CVE-2025-23396, in Siemens Teamcenter Visualization and Tecnomatix Plant Simulation occurs when parsing specially crafted WRL files. Also included are Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’), tracked as CVE-2025-27395 and CVE-2025-27397, and Improper Check for Dropped Privileges, tracked as CVE-2025-27396. These vulnerabilities range from improper certificate validation to authorization bypasses and buffer overflows. An improper restriction of operations within memory buffer bounds, CVE-2025-23397, exists in the affected applications. A remote attacker would need access to a valid certificate in order to perform a successful attack. An integer overflow vulnerability, CVE-2024-1305, exists in the tap-windows6 driver (version 9.26 and earlier), which is used in the SINEMA Remote Connect Client. A use-after-free vulnerability, CVE-2024-41049, exists in the Linux kernel’s file locking mechanism. A Partial String Comparison vulnerability is tracked as CVE-2025-23384.
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 14 Mar 2025 10:10:07 +0000