PatchSiren cyber security CVE debrief
CVE-2023-33128 Microsoft CVE debrief
CVE-2023-33128 is a remote code execution vulnerability affecting .NET and Visual Studio, with specific impact on Siemens ST7 ScadaConnect (6NH7997-5DA10-0AA0). Published on June 11, 2024, this vulnerability carries a HIGH severity CVSS score of 7.3. The vulnerability stems from the underlying .NET and Visual Studio components used by the affected Siemens product. According to CISA advisory ICSA-24-165-04, exploitation requires local access, with low attack complexity, low privileges, and user interaction. Successful exploitation could result in high impact to confidentiality, integrity, and availability. Siemens has released a vendor fix in version 1.1 or later to address this vulnerability. Organizations using affected ST7 ScadaConnect deployments should prioritize updating to the remediated version.
- Vendor: Microsoft
- Product: SINEC PNI
- CVSS: HIGH 7.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2023-11-14
- Original CVE updated: 2023-11-14
- Advisory published: 2023-11-14
- Advisory updated: 2023-11-14
Who should care
Organizations operating Siemens ST7 ScadaConnect (6NH7997-5DA10-0AA0) in industrial control system environments, particularly those in critical infrastructure sectors. System administrators responsible for OT/ICS security patching and vulnerability management programs.
Technical summary
This vulnerability exists in the .NET and Visual Studio components utilized by Siemens ST7 ScadaConnect. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C) indicates a local attack vector requiring low privileges and user interaction, with high impacts across confidentiality, integrity, and availability. The E:P metric indicates that proof-of-concept exploit code exists. The vulnerability was remediated by Siemens in version 1.1 of the affected product.
Defensive priority
HIGH
Recommended defensive actions
- Update Siemens ST7 ScadaConnect (6NH7997-5DA10-0AA0) to version 1.1 or later
- Review CISA ICS recommended practices for defense-in-depth strategies
- Monitor Siemens ProductCERT advisories for additional guidance
- Apply the principle of least privilege to limit the local access that exploitation requires
- Validate .NET and Visual Studio component versions in affected environments
Evidence notes
CVE published and modified 2024-06-11 per official record. CISA CSAF advisory ICSA-24-165-04 published same date. Siemens SSA-341067 provides vendor-specific guidance. CVSS vector indicates local attack vector with user interaction required.
Official resources
- CVE-2023-33128 CVE record (CVE.org)
- CVE-2023-33128 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2024-06-11