What is the CVE identifier and severity score of this vulnerability?

The vulnerability is tracked as CVE-2024-54092 with a CVSS score of 9.8, indicating critical severity.

Which Siemens industrial devices are affected by this vulnerability?

The affected devices include: Siemens Industrial Edge Own Device (IEOD) versions prior to V1.21.1-1-a, Siemens Industrial Edge Virtual Device versions prior to V1.21.1-1-a, Siemens SCALANCE LPE9413 (6GK5998-3GS01-2AC2) all versions, Siemens SIMATIC IPC127E, IPC227E, IPC427E, IPC847E, IPC BX-39A, and IPC BX-59A Industrial Edge Devices with specific version limitations.

What updates has Siemens released to address this vulnerability?

Siemens has released the following updates: Industrial Edge Virtual Device and IEOD should update to V1.21.1-1-a or later, and SIMATIC IPC BX-39A, IPC BX-59A, IPC127E, IPC227E, IPC847E should update to V3.0 or later.

Are there Siemens products without available fixes?

Yes, the SCALANCE LPE9413 (6GK5998-3GS01-2AC2) and SIMATIC IPC427E Industrial Edge Device currently have no fix available.

Advisory

Critical authentication flaw reported in Siemens Industrial Edge Devices

Q: What type of vulnerability is this?

This is a weak authentication vulnerability (CWE-1390) that affects specific API endpoints when identity federation is used, enabling an unauthenticated remote attacker to circumvent authentication controls and gain unauthorized access.

Q: What additional mitigations does Siemens recommend?

As an additional mitigation, Siemens advises users to limit network access to affected products to trusted parties only.

published: April 11, 2025

Take action: If you are using Siemens Industrial edge devices, SIMATIC or SCALANCE, review this advisory in detail. As always, make sure all such devices are isolated from the internet and accessible only from trusted networks. Then check for the specific federation configuration. If the devices are vulnerabple, plan a systematic patch process, which may take a long time. But it's worth doing because any isolation will eventually fail.

Learn More

Siemens is reporting a critical security vulnerability affecting multiple Industrial Edge Devices, which could potentially allow unauthorized remote attackers to bypass authentication mechanisms and impersonate legitimate users.

The vulnerability is tracked as CVE-2024-54092 (CVSS score 9.8) - a weak authentication vulnerability (CWE-1390) affects specific API endpoints when identity federation is used, enabling an unauthenticated remote attacker to circumvent authentication controls and gain unauthorized access.

The vulnerability can be exploited over the network without physical access and does not require specialized conditions or advanced skills.

The vulnerability impacts Siemens industrial devices:

Siemens Industrial Edge Own Device (IEOD): All versions prior to V1.21.1-1-a
Siemens Industrial Edge Virtual Device: All versions prior to V1.21.1-1-a
Siemens SCALANCE LPE9413 (6GK5998-3GS01-2AC2): All versions
Siemens SIMATIC IPC127E Industrial Edge Device: All versions prior to V3.0
Siemens SIMATIC IPC227E Industrial Edge Device: All versions prior V3.0
Siemens SIMATIC IPC427E Industrial Edge Device: All versions
Siemens SIMATIC IPC847E Industrial Edge Device: All versions prior V3.0
Siemens SIMATIC IPC BX-39A Industrial Edge Device: All versions prior V3.0
Siemens SIMATIC IPC BX-59A Industrial Edge Device: All versions prior V3.0

Siemens has provided mitigations for affected products:

Available Updates:
- Industrial Edge Virtual Device and IEOD: Update to V1.21.1-1-a or later
- SIMATIC IPC BX-39A, IPC BX-59A, IPC127E, IPC227E, IPC847E: Update to V3.0 or later
Products Without Available Fixes:
- SCALANCE LPE9413 (6GK5998-3GS01-2AC2): No fix currently available
- SIMATIC IPC427E Industrial Edge Device: No fix currently available

As an additional mitigations, Siemens advises users to limit network access to affected products to trusted parties only

No known public exploitation targeting this vulnerability has been reported to CISA at this time.

Critical authentication flaw reported in Siemens Industrial Edge Devices

Read More
Critical authentication bypass flaw reported in Dover ProGauge …
Dahua smart camera flaws enable remote device takeover
Multiple critical flaws reported in MICROSENS NMP Web+ …
Multiple Flaws Reported in Automated Logic WebCTRL Premium …
Siemens patches multiple critical flaws in User Management …