Session Fixation in Siemens SINEMA Remote Connect Server

Updated: 2024-09-16
Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2024-42345
CWE-ID: CWE-384
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: SINEMA Remote Connect Server (Server applications / SCADA systems)
Vendor: Siemens

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Session Fixation

EUVDB-ID: #VU97147

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-42345

CWE-ID: CWE-384 - Session Fixation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists because the affected application does not properly handle user session establishment and invalidation. A remote user can circumvent the additional multi-factor authentication for user session establishment.
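The flaw class named above (CWE-384) comes down to one thing: a session identifier that exists before authentication keeps its validity after the password step and after the MFA step, so the identifier and the privilege level are never re-bound. The following is an added, generic illustration of that pattern next to the usual fix (invalidate the old session and issue a fresh, unpredictable id at every privilege change). It is not code from SINEMA Remote Connect Server and says nothing about that product's internals; the in-memory store, the user "alice" and the credential and MFA tables are constructed sample data.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed sample credentials for the illustration only.
CREDENTIALS = {"alice": "correct-horse"}
MFA_CODES = {"alice": "123456"}


@dataclass
class Session:
    user: Optional[str] = None   # set once the password step succeeds
    mfa_passed: bool = False     # set once the MFA step succeeds


class SessionStore:
    """Hypothetical in-memory session table keyed by session id."""

    def __init__(self) -> None:
        self.sessions: Dict[str, Session] = {}

    def create(self) -> str:
        sid = secrets.token_urlsafe(32)  # unpredictable, server-generated id
        self.sessions[sid] = Session()
        return sid

    def get(self, sid: Optional[str]) -> Optional[Session]:
        return self.sessions.get(sid) if sid else None

    def invalidate(self, sid: str) -> None:
        self.sessions.pop(sid, None)


def check_password(user: str, password: str) -> bool:
    return CREDENTIALS.get(user) == password


def check_mfa(user: str, code: str) -> bool:
    return MFA_CODES.get(user) == code


# --- Vulnerable pattern (CWE-384): the pre-authentication id is reused as-is.
def vulnerable_password_step(store, sid, user, password) -> Optional[str]:
    sess = store.get(sid)
    if sess is None or not check_password(user, password):
        return None
    sess.user = user          # privilege changes, identifier does not
    return sid


def vulnerable_mfa_step(store, sid, code) -> Optional[str]:
    sess = store.get(sid)
    if sess is None or sess.user is None or not check_mfa(sess.user, code):
        return None
    sess.mfa_passed = True    # same id now carries the MFA-passed state
    return sid


# --- Hardened pattern: rotate the id and drop the old session at each step.
def hardened_password_step(store, sid, user, password) -> Optional[str]:
    sess = store.get(sid)
    if sess is None or not check_password(user, password):
        return None
    store.invalidate(sid)     # the pre-auth id must not survive the login
    new_sid = store.create()
    store.get(new_sid).user = user
    return new_sid


def hardened_mfa_step(store, sid, code) -> Optional[str]:
    sess = store.get(sid)
    if sess is None or sess.user is None or not check_mfa(sess.user, code):
        return None
    store.invalidate(sid)     # the password-only id must not reach MFA state
    new_sid = store.create()
    new = store.get(new_sid)
    new.user, new.mfa_passed = sess.user, True
    return new_sid


def run_flow(flow: str) -> dict:
    """Run a full login under one pattern and report what the pre-auth id
    still resolves to afterwards (the defender's check for fixation)."""
    store = SessionStore()
    pre_sid = store.create()  # id that existed before any authentication
    if flow == "vulnerable":
        sid = vulnerable_password_step(store, pre_sid, "alice", "correct-horse")
        sid = vulnerable_mfa_step(store, sid, "123456")
    else:
        sid = hardened_password_step(store, pre_sid, "alice", "correct-horse")
        sid = hardened_mfa_step(store, sid, "123456")
    old = store.get(pre_sid)
    return {
        "login_succeeded": sid is not None and store.get(sid).mfa_passed,
        "pre_auth_id_reaches_mfa_state": old is not None and old.mfa_passed,
        "id_rotated": sid != pre_sid,
    }


if __name__ == "__main__":
    for name in ("vulnerable", "hardened"):
        print(name, run_flow(name))
```

The check to carry over into testing a real product is the one `run_flow` performs: record the session identifier before authentication, complete the password and MFA steps, and confirm that the original identifier no longer resolves to an authenticated session. In the vulnerable pattern it does; in the hardened pattern both steps succeed only under freshly issued identifiers and the pre-auth one is gone.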

Mitigation

Install updates from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.2 SP2

External links

http://cert-portal.siemens.com/productcert/html/ssa-869574.html
http://www.cisa.gov/news-events/ics-advisories/icsa-24-256-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can an attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
