Detections
Analytics

Siemens SIPROTEC 5 Active Debug Code (CVE-2024-53648)

medium Tenable OT Security Plugin ID 502862

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Affected devices do not properly limit access to a development shell accessible over a physical interface. This could allow an unauthenticated attacker with physical access to the device to execute arbitrary commands on the device.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

https://cert-portal.siemens.com/productcert/html/ssa-687955.html

https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-04

Plugin Details

Severity: Medium

ID: 502862

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 2/18/2025

Updated: 2/19/2025

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-53648

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:siprotec_5_7sa86_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7ve85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sd87_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sl82_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7sk82_%28cp100%29_firmware, cpe:/o:siemens:siprotec_5_7sk85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_compact_7sx800_%28cp050%29_firmware, cpe:/o:siemens:siprotec_5_6md85_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sk82_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7sj81_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7sj85_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_6md86_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7vu85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7ut86_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7ut82_%28cp100%29_firmware, cpe:/o:siemens:siprotec_5_7ut86_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_6mu85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7st85_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7st86_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sd82_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7sl87_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_6md85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7ut85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sl82_%28cp100%29_firmware, cpe:/o:siemens:siprotec_5_7sd82_%28cp100%29_firmware, cpe:/o:siemens:siprotec_5_7sd86_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_6md86_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sx82_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7sa87_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sj82_%28cp100%29_firmware, cpe:/o:siemens:siprotec_5_7vk87_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7vk87_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sj82_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7ut85_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7ke85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7um85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sd87_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sd86_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sl87_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sj86_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sx85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sa82_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7ke85_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7ut82_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7sy82_%28cp150%29_firmware, cpe:/o:siemens:siprotec_5_7sl86_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sa82_%28cp100%29_firmware, cpe:/o:siemens:siprotec_5_7st85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7ut87_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sj81_%28cp100%29_firmware, cpe:/o:siemens:siprotec_5_7sk85_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sa86_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7sa87_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sj85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7ss85_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_6md84_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_6md89_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sj86_%28cp200%29_firmware, cpe:/o:siemens:siprotec_5_7ut87_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7sl86_%28cp300%29_firmware, cpe:/o:siemens:siprotec_5_7ss85_%28cp200%29_firmware

Required KB Items: Tenable.ot/Siemens

Exploit Ease: No known exploits are available

Patch Publication Date: 2/11/2025

Vulnerability Publication Date: 2/11/2025

Reference Information

CVE: CVE-2024-53648

CWE: 489

ICSA: 25-044-04