Siemens Industrial Edge Device Kit
- >= V1.17, <= V1.19
- >= V1.20, < V1.20.2-1
- >= V1.21, < V1.21.1-1
A weak authentication vulnerability has been identified in multiple Siemens Industrial Edge products, including the Industrial Edge Device Kit for arm64 and x86-64 architectures, as well as various SIMATIC IPC models and the SCALANCE LPE9413. All versions of the affected products are vulnerable, except for certain specified versions of the Industrial Edge Device Kit. The vulnerability arises because affected devices do not properly enforce user authentication on specific API endpoints when identity federation is used. This flaw could allow an unauthenticated remote attacker to bypass authentication and impersonate a legitimate user. Successful exploitation requires that the attacker knows a legitimate user's identity and that identity federation is in use or has previously been used.
Exploitation of this vulnerability could allow an attacker to bypass authentication and impersonate legitimate users on the affected devices.
Siemens has released updates for some affected products and recommends specific countermeasures for others. For products in the Industrial Edge Device Kit where no fix is planned, users are advised to limit network access to trusted parties only. General security recommendations include protecting network access to devices and following Siemens' operational guidelines for Industrial Security.
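To apply the version ranges listed above to a device inventory, the following added example (not Siemens code) classifies Industrial Edge Device Kit versions against them. It assumes that `<= V1.19` covers the whole 1.19 line and that a version without a `-N` suffix sorts before the same version with one; the host names and inventory are constructed. The other affected products named on this page are vulnerable in all versions and need no range check.

```python
import re

# Affected Industrial Edge Device Kit ranges as listed on this page:
# (lower bound, inclusive), (upper bound, inclusive or exclusive).
AFFECTED_RANGES = [
    ("V1.17", "V1.19", True),       # >= V1.17, <= V1.19
    ("V1.20", "V1.20.2-1", False),  # >= V1.20, <  V1.20.2-1
    ("V1.21", "V1.21.1-1", False),  # >= V1.21, <  V1.21.1-1
]

def parse_version(text):
    """Turn 'V1.20.2-1' into (1, 20, 2, 1); raise ValueError otherwise."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)(?:-(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (3 - len(parts))  # pad 'V1.20' to 1.20.0
    # Assumption: a missing '-N' revision sorts before '-1'.
    return tuple(parts) + (int(m.group(2) or 0),)

def is_affected(version):
    v = parse_version(version)
    for low, high, inclusive in AFFECTED_RANGES:
        lo, hi = parse_version(low), parse_version(high)
        if v < lo:
            continue
        if inclusive:
            # Assumption: '<= V1.19' includes every 1.19.x release, so only
            # the components the bound names (major.minor) are compared.
            n = high.count(".") + 1
            if v[:n] <= hi[:n]:
                return True
        elif v < hi:
            return True
    return False

def triage(inventory):
    """Map device name to 'affected', 'not in listed ranges' or 'unparsed'."""
    result = {}
    for name, version in inventory.items():
        try:
            result[name] = "affected" if is_affected(version) else "not in listed ranges"
        except ValueError:
            result[name] = "unparsed"  # needs manual review
    return result

# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY = {"edge-a": "V1.19.3", "edge-b": "V1.20.2-1",
                    "edge-c": "V1.21.0", "edge-d": "unknown"}

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name}: {status}")
```

Devices reported as `unparsed` should be checked by hand rather than treated as unaffected.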