CVE-2024-49775 is a critical heap-based buffer overflow vulnerability in the Siemens User Management Component (UMC), a core component used in various Siemens products within industrial and enterprise environments. The flaw allows unauthenticated remote attackers to execute arbitrary code.
| Product | Siemens |
| Date | 2024-12-20 17:16:45 |
| Information |
|
Technical Summary
The vulnerability stems from a heap-based buffer overflow within the UMC, which can be exploited by sending specially crafted data packets to the affected systems. A successful attack allows for remote arbitrary code execution, with the potential to compromise sensitive operations in environments where Siemens products are deployed.
Affected products:
- Opcenter Execution Foundation
- Opcenter Intelligence
- Opcenter Quality
- Opcenter RDL
- SIMATIC PCS neo (various versions)
- Totally Integrated Automation Portal (TIA Portal) (versions 16 through 19)
Recommendations
Siemens has provided mitigation guidelines for CVE-2024-49775. Organizations should immediately adopt the following measures to minimize risk:
Apply mitigations:
- Filter ports 4002 and 4004: restrict connections to these ports by allowing access only from machines within the UMC network.
- Block port 4004: if RT server machines are not in use, block port 4004 completely.
Update to patched versions:
- Upgrade to TIA Portal V20 or later, which includes a patched version of the UMC component and is no longer vulnerable.
[Callforaction-THREAT-Footer]
