CVE-2024-47553
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88)
Published: Oct 8, 2024 / Updated: 42d ago

010

CVSS 9.4EPSS 0.04%Critical

CVE info copied to clipboard

Summary

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the `ssmctl-client` command. This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS.

Impact

This vulnerability allows an authenticated attacker with low privileges to remotely execute arbitrary code with root privileges on the affected system. The impact is severe as it affects the confidentiality, integrity, and availability of the system. An attacker could potentially: 1. Take complete control of the system 2. Access or modify sensitive data 3. Install malware 4. Use the compromised system as a stepping stone for further attacks within the network The vulnerability has a CVSS v3.1 base score of 9.9 and a CVSS v4.0 base score of 9.4, both indicating critical severity. This high severity is due to the potential for remote exploitation, low attack complexity, and high impact on confidentiality, integrity, and availability.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

A patch is available. The vulnerability is fixed in Siemens SINEC Security Monitor version V4.9.0 and later.

Mitigation

1. Update Siemens SINEC Security Monitor to version V4.9.0 or later as soon as possible. 2. If immediate patching is not possible, consider restricting network access to the affected systems. 3. Implement the principle of least privilege, ensuring users and processes operate with minimal necessary permissions. 4. Monitor systems for suspicious activities, particularly focusing on unusual command executions or privilege escalations. 5. Implement network segmentation to limit the potential spread of an attack if a system is compromised. 6. Regularly audit and review user access rights, removing unnecessary privileges.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

CVE Assignment

NVD published the first details for CVE-2024-47553

Oct 8, 2024 at 9:15 AM

CVSS

A CVSS base score of 9.9 has been assigned.

Oct 8, 2024 at 9:21 AM / nvd

First Article

Feedly found the first article mentioning CVE-2024-47553. See article

Oct 8, 2024 at 9:22 AM / Vulners.com RSS Feed

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 8, 2024 at 9:22 AM

EPSS

EPSS Score was set to: 0.04% (Percentile: 9.7%)

Oct 9, 2024 at 10:29 AM

Threat Intelligence Report

CVE-2024-47553 is a critical vulnerability with a CVSS v3.1 base score of 9.9 and a CVSS v4 base score of 9.4, indicating a severe risk. The details provided do not specify whether it is being exploited in the wild, nor do they mention the availability of proof-of-concept exploits, mitigations, detections, patches, or any downstream impacts on third-party vendors or technology. Further investigation is needed to assess the full implications and response strategies for this vulnerability. See article

Oct 10, 2024 at 2:41 PM