PatchSiren cyber security CVE debrief

CVE-2023-32032 Siemens CVE debrief

CVE-2023-32032 is a .NET and Visual Studio elevation of privilege vulnerability affecting Siemens ST7 ScadaConnect (6NH7997-5DA10-0AA0). Published on June 11, 2024, it carries a CVSS 3.1 score of 6.5 (MEDIUM severity) with the vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C. Exploitation requires local access with low privileges, has high attack complexity, and needs no user interaction; a successful attack could have a high impact on integrity and availability and a low impact on confidentiality. Siemens has released a vendor fix: users should update to version 1.1 or later. This vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.

Vendor: Siemens
Product: ST7 ScadaConnect (6NH7997-5DA10-0AA0)
CVSS: MEDIUM 6.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-06-11
Original CVE updated: 2024-06-11
Advisory published: 2024-06-11
Advisory updated: 2024-06-11

Who should care

Organizations operating Siemens ST7 ScadaConnect (6NH7997-5DA10-0AA0) in industrial control system environments, particularly those in critical infrastructure sectors relying on this product for SCADA connectivity. System administrators, OT security teams, and asset owners should prioritize patching to version 1.1 or later.

Technical summary

This vulnerability stems from a .NET and Visual Studio elevation of privilege issue in Siemens ST7 ScadaConnect. The CVSS 3.1 vector (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H) indicates a local attack vector with high attack complexity, requiring low privileges but no user interaction. Successful exploitation could result in high impact to system integrity and availability. Siemens has addressed this in version 1.1 and later. The vulnerability affects industrial control system environments where ST7 ScadaConnect is deployed for SCADA connectivity functions.

Defensive priority

medium

Recommended defensive actions

  • Apply the vendor-provided security update to version 1.1 or later for Siemens ST7 ScadaConnect (6NH7997-5DA10-0AA0)
  • Review and implement CISA ICS recommended practices for defense-in-depth strategies
  • Monitor the Siemens CERT portal for additional security advisories regarding this product
  • Ensure least-privilege access controls are enforced on systems running affected software
  • Consider network segmentation for industrial control systems to limit lateral movement potential

Evidence notes

CVE published and modified 2024-06-11 per CISA CSAF advisory ICSA-24-165-04. CVSS vector and remediation details sourced from official Siemens and CISA documentation. Not present in KEV catalog.
