Siemens UMC Vulnerability Allows Arbitrary Remote Code Execution

A critical vulnerability has been identified in Siemens’ User Management Component (UMC), which could allow unauthenticated remote attackers to execute arbitrary code.

The flaw, designated CVE-2024-49775, is a heap-based buffer overflow vulnerability. Siemens has issued Security Advisory SSA-928984 and urges customers to implement recommended fixes or mitigations to minimize the risks.

Details of the Vulnerability

The vulnerability affects multiple Siemens products integrated with the UMC component, allowing remote attackers to execute arbitrary code that could jeopardize the confidentiality, integrity, and availability of affected systems.

Rated as critical, the flaw carries a CVSS v3.1 Base Score of 9.8 and a CVSS v4.0 Base Score of 9.3.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Classified under CWE-122: Heap-Based Buffer Overflow, the issue stems from improper memory handling and poses significant risks to operational systems.

Siemens has credited Tenable for its role in the coordinated disclosure of this vulnerability.

Affected Products and Solutions

The following table provides an overview of affected products, their vulnerability status, and available mitigations.

Product	Version	CVE ID	Remediation
Opcenter Execution Foundation	All versions	CVE-2024-49775	No fix available. Follow recommendations in Workarounds and Mitigations.
Opcenter Intelligence	All versions	CVE-2024-49775	No fix available. Follow recommendations in Workarounds and Mitigations.
Opcenter Quality	All versions	CVE-2024-49775	No fix available. Follow recommendations in Workarounds and Mitigations.
Opcenter RDL	All versions	CVE-2024-49775	No fix available. Follow recommendations in Workarounds and Mitigations.
SINEC NMS	UMC < V2.15	CVE-2024-49775	Update SINEC NMS to V3.0 SP2 or later and UMC to V2.15 or later. Contact Siemens support.
Totally Integrated Automation Portal (TIA Portal)	Open for details	CVE-2024-49775	Fixed versions available; see Siemens support documentation for details.

• Port Restrictions: Filter ports 4002 and 4004 to accept connections only from machines within the UMC network. If no RT server machines are used, block port 4004 entirely.
• Update Affected Systems: Apply patch updates or upgrades to fixed versions as specified in product-specific mitigations.

Siemens emphasizes strict adherence to industrial security guidelines and general network protection best practices.

This critical vulnerability underscores the importance of regular patch management and proactive threat mitigation in industrial environments.

2024 MITRE ATT&CK Evaluation Results for SMEs & MSPs -> Download Free Guide