Siemens Industrial Edge Management Authorization Bypass Vulnerability Allowing Unauthenticated Remote Access to Devices

Vulnerability

An authorization bypass vulnerability has been identified in Siemens Industrial Edge Management Pro V1 (versions from 1.7.6 up to, but not including, 1.15.17), Industrial Edge Management Pro V2 (versions from 2.0.0 up to, but not including, 2.1.1), and Industrial Edge Management Virtual (versions from 2.2.0 up to, but not including, 2.8.0). The vulnerability arises because these management systems do not properly enforce user authentication on remote connections to devices. This flaw could enable an unauthenticated remote attacker to bypass authentication and impersonate a legitimate user. Successful exploitation requires knowledge of the header and port used for remote device connections, and the remote connection feature must be activated on the target device. Exploitation allows the attacker to tunnel into the device, although existing security features on the device, such as application-specific authentication, remain unaffected.

Impact

Exploitation of this vulnerability could lead to unauthorized remote access to connected Industrial Edge Devices, allowing attackers to tunnel into these devices and potentially manipulate them, depending on the device's security features.

Remediation

Users are advised to update to the latest versions of the affected products. For Industrial Edge Management Pro V1, update to version 1.15.17 or later. For Industrial Edge Management Pro V2, update to version 2.1.1 or later. For Industrial Edge Management Virtual, update to version 2.8.0 or later. Additional product-specific recommendations can be found in the Siemens Security Advisory SSA-609469.
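The version ranges above can be checked against an asset inventory. The following is an added example, not code from Siemens or from this page. It assumes the lower bound of each range is inclusive, and its hostnames and installed versions are constructed. It compares versions numerically, because a plain string comparison would sort 1.9.4 after 1.15.17 and report an affected system as fixed.

```python
# Added example: ranges copied from the advisory text above.
# Each entry is (first affected version, first fixed version).
# Assumption: lower bound inclusive, upper bound exclusive.
AFFECTED = {
    "Industrial Edge Management Pro V1": ("1.7.6", "1.15.17"),
    "Industrial Edge Management Pro V2": ("2.0.0", "2.1.1"),
    "Industrial Edge Management Virtual": ("2.2.0", "2.8.0"),
}

def parse_version(text):
    """Turn 'V1.15.17' or '1.15.17' into (1, 15, 17) for numeric comparison."""
    parts = text.strip().lstrip("vV").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts]
    # Pad short versions so that '2.8' compares equal to '2.8.0'.
    return tuple(nums + [0] * (3 - len(nums)))

def triage(product, version):
    """Return 'affected', 'fixed', 'below-range' or 'unknown-product'."""
    if product not in AFFECTED:
        return "unknown-product"
    low, fixed = (parse_version(v) for v in AFFECTED[product])
    v = parse_version(version)
    if v >= fixed:
        return "fixed"
    if v >= low:
        return "affected"
    # Versions below the lower bound are not listed in the text above.
    return "below-range"

# Constructed inventory: hostnames and installed versions are illustrative.
INVENTORY = [
    ("iem-plant-a", "Industrial Edge Management Pro V1", "1.9.4"),
    ("iem-plant-b", "Industrial Edge Management Pro V1", "V1.15.17"),
    ("iem-plant-c", "Industrial Edge Management Pro V2", "2.5.0"),
    ("iem-lab-01", "Industrial Edge Management Virtual", "2.5.0"),
]

def report(inventory):
    """Map each host to its triage status."""
    return {host: triage(product, ver) for host, product, ver in inventory}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

The same version number can be fixed for one product and affected for another (2.5.0 in the sample inventory), so the inventory must record the exact product name and not only the version.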

Added: Apr 14, 2026, 9:25 AM
Updated: Apr 14, 2026, 9:25 AM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 1.9
exploitability: 6.4
remediation: 7.9
relevance: 5.9
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.