Siemens SIPROTEC 5 — CVE-2024-54017
CISA ICS · CISA · CVE-2024-54017
ID
CVE-2024-54017
CVE-2024-54017
Date
Activity
Source
CISA ICS
CISA ICS
Vendor
CISA
CISA
Threat
medium
medium
Summary
View CSAF Summary The SIPROTEC 5 devices do not use sufficiently random numbers to generate session identifiers. This could facilitate a brute-force attack against a valid session identifier which could allow an unauthenticated remote attacker to hijack a valid user session. The affected session identifiers are only used in a subset of the endpoints that are provided by the affected products. Siemens is preparing…
Product
ICS Advisory
What to do
General, cautious steps (verify details in the official source):
- Review exposure and plan remediation based on risk and environment.
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.