PatchSiren cyber security CVE debrief
CVE-2024-0056 Siemens CVE debrief
CVE-2024-0056 is a high-severity security feature bypass issue published by CISA in Siemens INTRALOG WMS advisories on 2025-05-13. The advisory text identifies the problem as a Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability, and Siemens recommends updating to V5 or later. The CVSS vector supplied with the advisory indicates network reachability, no privileges required, no user interaction, and a high confidentiality/integrity impact profile.
- Vendor: Siemens
- Product: INTRALOG WMS
- CVSS: HIGH 8.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-05-13
- Original CVE updated: 2025-05-13
- Advisory published: 2025-05-13
- Advisory updated: 2025-05-13
Who should care
Organizations running Siemens INTRALOG WMS, especially teams responsible for application patching, platform hardening, and OT/IT boundary controls. Security teams should also care if the affected environment uses Microsoft.Data.SqlClient or System.Data.SqlClient in a way that maps to the Siemens advisory context.
Technical summary
The supplied CSAF advisory maps CVE-2024-0056 to Siemens INTRALOG WMS and describes it as a SQL Data Provider security feature bypass issue involving Microsoft.Data.SqlClient and System.Data.SqlClient. The published CVSS 3.1 vector is AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N, which signals network-based exposure with no required privileges or user interaction, but with high attack complexity and potential impacts to confidentiality and integrity. The only remediation explicitly listed in the source corpus is to update to V5 or later.
Defensive priority
High. The advisory has a high CVSS score of 8.7 and the supplied vector indicates meaningful exposure if the affected product is reachable. Prioritize patching and configuration review.
Recommended defensive actions
- Update Siemens INTRALOG WMS to V5 or later, as directed in the advisory.
- Inventory installations of Siemens INTRALOG WMS to identify affected instances.
- Review network exposure and limit access to the application where feasible.
- Validate that compensating controls and segmentation are in place around any exposed deployment.
- Monitor vendor and CISA advisory updates for any follow-on guidance.
Evidence notes
Evidence is drawn from the CISA CSAF advisory ICSA-25-135-02 and its linked Siemens references. The source corpus identifies the affected product as Siemens INTRALOG WMS and the issue as a Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability. The corpus also provides the remediation 'Update to V5 or later version' and the CVSS vector AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N. No exploit details, weaponization, or additional affected versions beyond the stated remediation were included.
Official resources
- CVE-2024-0056 CVE record (CVE.org)
- CVE-2024-0056 NVD detail (NVD)
- Source item URL (cisa_csaf)
Published by CISA in the CSAF advisory on 2025-05-13. The supplied corpus does not provide an earlier public disclosure date.