Siemens Products Out-of-Bounds Write Vulnerability in User Management Component Allowing Denial-of-Service
Vulnerability
A buffer overflow vulnerability allowing out-of-bounds write has been identified in the integrated User Management Component (UMC) of several Siemens products, including SIMATIC PCS neo, SINEC NMS versions prior to 4.0, SINEMA Remote Connect, and various versions of the Totally Integrated Automation Portal (TIA Portal). This vulnerability could enable an unauthenticated remote attacker to cause a denial-of-service condition.
Impact
Exploitation of this vulnerability leads to a denial-of-service condition, causing affected systems to become unresponsive or unavailable.
Remediation
Users of SINEC NMS should update to version 4.0 or later. For other affected products, including SIMATIC PCS neo, SINEMA Remote Connect, and TIA Portal, users should update the User Management Component to version 2.15.1.1 or a later compatible version. In non-networked deployments, TCP ports 4002 and 4004 can be blocked on machines with UMC installed. If no RT server machines are used, port 4004 can be blocked completely.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.