PatchSiren cyber security CVE debrief
CVE-2023-29409 Siemens CVE debrief
CVE-2023-29409 is a medium-severity vulnerability affecting Siemens SIMATIC RTLS Locating Manager products. The issue stems from extremely large RSA keys in certificate chains, which can cause clients and servers to expend significant CPU time verifying signatures during TLS handshakes. This creates a potential denial-of-service condition through computational exhaustion.
The vulnerability was published on May 14, 2024, with a subsequent modification on June 11, 2024, to add specific mitigation guidance for a related CVE. Siemens has addressed this by restricting RSA key sizes transmitted during handshakes to 8192 bits or less. According to the advisory, surveys of publicly trusted RSA keys found only three certificates with larger keys, all appearing to be test certificates not actively deployed. While private PKIs may contain larger keys, the fix targets web PKI safety.
Affected products include seven variants of the SIMATIC RTLS Locating Manager (6GT2780-0DA00, 0DA10, 0DA20, 0DA30, 1EA10, 1EA20, and 1EA30). Siemens recommends updating to version V3.0.1.1 or later, available through Siemens Online Software Delivery (OSD).
- Vendor: Siemens
- Product: SIMATIC RTLS Locating Manager (6GT2780-0DA00)
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-02-13
- Original CVE updated: 2024-02-13
- Advisory published: 2024-02-13
- Advisory updated: 2024-02-13
Who should care
Organizations operating Siemens SIMATIC RTLS Locating Manager systems in industrial environments, particularly those with TLS-enabled communications. System administrators responsible for Windows Server deployments hosting RTLS components, security teams managing industrial control system (ICS) infrastructure, and compliance officers tracking CVE remediation for OT/ICS assets should prioritize this update.
Technical summary
The vulnerability exists in the handling of RSA certificate chains during TLS handshakes. When extremely large RSA keys are present in certificate chains, the signature verification process consumes excessive CPU resources, potentially causing denial of service. The fix implements a maximum RSA key size of 8192 bits for keys transmitted during handshakes. This restriction aligns with web PKI practices and has minimal operational impact based on surveys of publicly trusted certificates. The vulnerability affects all seven documented variants of the SIMATIC RTLS Locating Manager product family running on Windows Server environments.
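An added example (not Siemens or PatchSiren code) of an audit for the private-PKI case noted above: it flags certificates whose RSA modulus exceeds the 8192-bit handshake limit, so oversized chains can be found and reissued before the restriction applies. The sample chain, host names and helper names are constructed for illustration.

```go
package main

import (
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
)

// MaxRSABits is the handshake limit stated in the advisory text.
const MaxRSABits = 8192

// Finding is one certificate whose RSA modulus exceeds the limit.
type Finding struct{ Subject string; Bits int }

// OversizedRSAKeys lists certificates whose RSA key is larger than maxBits; non-RSA keys are skipped.
func OversizedRSAKeys(chain []*x509.Certificate, maxBits int) []Finding {
	var out []Finding
	for _, c := range chain {
		if pub, ok := c.PublicKey.(*rsa.PublicKey); ok && pub.N != nil && pub.N.BitLen() > maxBits {
			out = append(out, Finding{Subject: c.Subject.CommonName, Bits: pub.N.BitLen()})
		}
	}
	return out
}

// constructed builds an unsigned certificate record whose modulus is exactly `bits` long (size-only stub).
func constructed(cn string, bits int) *x509.Certificate {
	n := new(big.Int).Lsh(big.NewInt(1), uint(bits-1)) // bit length == bits
	return &x509.Certificate{Subject: pkix.Name{CommonName: cn}, PublicKey: &rsa.PublicKey{N: n, E: 65537}}
}

// SampleChain is constructed test data, not taken from any real PKI.
func SampleChain() []*x509.Certificate {
	return []*x509.Certificate{
		constructed("leaf.example.internal", 2048),
		constructed("intermediate-8192.example.internal", 8192),
		constructed("legacy-root-16384.example.internal", 16384),
	}
}

func main() {
	for _, f := range OversizedRSAKeys(SampleChain(), MaxRSABits) {
		fmt.Printf("over limit: %s (%d-bit RSA)\n", f.Subject, f.Bits)
	}
}
```

In real use, the chain would come from `x509.ParseCertificate` over the certificates in the private PKI inventory rather than from constructed stubs.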
Defensive priority
medium
Recommended defensive actions
- Update SIMATIC RTLS Locating Manager to version V3.0.1.1 or later through Siemens Online Software Delivery (OSD)
- Install required RTLS Locating Manager components on a single host computer where possible and restrict system access to trusted personnel only
- Secure the Windows Server hosting RTLS Locating Manager with a firewall configuration that blocks port access from untrusted networks
- Apply security hardening to the Windows Server hosting RTLS Locating Manager in accordance with corporate security policies or current hardening guidelines
Evidence notes
CVE published 2024-05-14; modified 2024-06-11 to add mitigation for CVE-2024-30207. Source: CISA CSAF advisory ICSA-24-137-07.
Official resources
- CVE-2023-29409 CVE record (CVE.org)
- CVE-2023-29409 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2024-05-14