CVE-2024-50572

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)

Published: Nov 12, 2024 / Updated: 7d ago

CVSS 8.6 / EPSS 0.05% / High

Summary

A vulnerability has been identified in multiple Siemens RUGGEDCOM and SCALANCE devices running firmware versions prior to V8.2. These devices do not properly sanitize an input field, which could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

Impact

This vulnerability could allow an attacker with administrative access to execute arbitrary code or gain root shell access on the affected devices. This level of access could lead to complete compromise of the device, potentially allowing the attacker to manipulate network traffic, access sensitive information, or use the compromised device as a pivot point for further attacks within the network.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.

Patch

A patch is available. Siemens has released version V8.2 of the firmware for all affected devices, which addresses this vulnerability. Users should upgrade to this version to mitigate the risk.

Mitigation

1. Update all affected devices to firmware version V8.2 or later.
2. Implement strong access controls and limit administrative access to trusted personnel only.
3. Monitor system logs for any suspicious activities or unauthorized access attempts.
4. Implement network segmentation to isolate affected devices if immediate patching is not possible.
5. Regularly audit and review user accounts with administrative privileges.
6. Use secure protocols for remote management of these devices.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

CVE Assignment
NVD published the first details for CVE-2024-50572
Nov 12, 2024 at 1:15 PM

CVSS
A CVSS base score of 7.2 has been assigned.
Nov 12, 2024 at 1:21 PM / nvd

First Article
Feedly found the first article mentioning CVE-2024-50572.
Nov 12, 2024 at 1:24 PM / National Vulnerability Database

CVSS Estimate
Feedly estimated the CVSS score as MEDIUM
Nov 12, 2024 at 1:24 PM

CVSS Estimate
Feedly estimated the CVSS score as HIGH
Nov 12, 2024 at 1:37 PM

EPSS
EPSS Score was set to: 0.05% (Percentile: 20.5%)
Nov 13, 2024 at 8:00 PM

Threat Intelligence Report
CVE-2024-50572 is a vulnerability with a CVSS v3 base score of 7.2 and a CVSS v4 base score of 8.6, indicating a significant level of criticality. The details provided do not specify whether it is actively exploited in the wild, nor do they mention the availability of proof-of-concept exploits, mitigations, detections, patches, or any downstream impacts to third-party vendors or technology. Further investigation would be necessary to assess the full implications of this vulnerability.
Nov 14, 2024 at 2:42 PM

Affected Systems

Siemens/scalance_mum853-1_(eu)_firmware

Patches

cert-portal.siemens.com

Links to MITRE ATT&CK

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables

References

Siemens SCALANCE M-800 Family
Vulnerabilities: Out-of-bounds Read, Missing Encryption of Sensitive Data, Integer Overflow or Wraparound, Uncontrolled Resource Consumption, Excessive Iteration, Use After Free, Improper Output Neutralization for Logs, Observable Discrepancy, Improper Locking, Missing Release of Resource after Effective Lifetime, Improper Input Validation, Improper Access Control, Path Traversal, Cross-site Scripting, Injection.
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions.
Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service. This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use).

News

Siemens (CVE-2024-50572)
The remote OT asset is affected by a vulnerability. Tenable OT Security Plugin ID 502661 with High Severity
Tenable.ot checks for NVD CVE-2024-50572
Testing Last Updated: 11/13/2024 CVEs: CVE-2024-50572
High - CVE-2024-50572 - A vulnerability has been identified in...
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE...
CVE-2024-50572 | Siemens RUGGEDCOM RM1224 LTE(4G) EU up to V8.1 injection (ssa-354112)
A vulnerability was found in Siemens RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router, SCALANCE M816-1 ADSL-Router, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M874-3 3G-Router (CN), SCALANCE M876-3, SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (A1), SCALANCE MUM853-1 (B1), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (A1), SCALANCE MUM856-1 (B1), SCALANCE MUM856-1 (CN), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615 EEC LAN-Router and SCALANCE S615 LAN-Router up to V8.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. This vulnerability is known as CVE-2024-50572. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
