Critical Siemens Vulnerabilities - 20250409004¶
Overview¶
Siemens has issued security advisories to address a weak authentication vulnerability affecting its products. The vulnerability could allow an unauthenticated remote attacker to bypass authentication and impersonate a legitimate user.
What is vulnerable?¶
| Vendor | CVE | Severity |
|---|---|---|
| Siemens | CVE-2024-54092 | 9.8 |
Recommendation¶
The WA SOC recommends administrators review relevant advisories and apply the recommended actions to all affected devices.
- Siemens Advisory SSA-634640: https://cert-portal.siemens.com/productcert/html/ssa-634640.html
- Siemends Advisory SSA-819629: https://cert-portal.siemens.com/productcert/html/ssa-819629.html
Additional References¶
- Securityonline: https://securityonline.info/siemens-industrial-edge-critical-authentication-flaw-cve-2024-54092/