PatchSiren cyber security CVE debrief

CVE-2024-12133 Siemens CVE debrief

CVE-2024-12133 is a denial-of-service issue tied to libtasn1 certificate handling and documented by CISA in Siemens advisory ICSA-25-162-05. On the affected Siemens SIMATIC S7-1500 CPU family products, specially crafted certificate data with a large number of elements can take much longer than expected to process, which may slow the system or cause a crash. The supplied advisory notes that no fix is currently available.

Vendor: Siemens
Product: SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
CVSS: MEDIUM 5.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-06-10
Original CVE updated: 2026-05-14
Advisory published: 2025-06-10
Advisory updated: 2026-05-14

Who should care

Owners, operators, and maintainers of the affected Siemens SIMATIC S7-1500 CPU 1518/1518F MFP variants, especially OT teams responsible for certificate handling, the additional GNU/Linux subsystem, or any workflows that accept untrusted certificate data.

Technical summary

The issue is described as inefficient handling of specific certificate data in libtasn1, consistent with CWE-407 (inefficient algorithmic complexity). The advisory lists CVSS 3.1 as 5.3/Medium with AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L, indicating a network-triggerable availability impact without confidentiality or integrity loss. On the affected Siemens products, a specially crafted certificate can consume excessive processing time and degrade service availability, potentially to the point of crashing the device or subsystem.

Defensive priority

Medium overall, but higher priority for exposed or certificate-processing-dependent Siemens SIMATIC S7-1500 deployments because no fix is available in the supplied advisory and mitigation is limited to exposure reduction.

Recommended defensive actions

  • Restrict access to the interactive shell of the additional GNU/Linux subsystem to trusted personnel only.
  • Only build and run applications from trusted sources.
  • Apply CISA and Siemens industrial-control-system defense-in-depth guidance to reduce exposure to untrusted inputs.
  • Review where affected devices accept or process external certificate data and minimize that exposure until a fix is available.
  • Track Siemens ProductCERT and CISA updates for future remediation guidance or a patched release.
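One way to act on the exposure-reduction advice above, as an added defensive example that is not code from the advisory, Siemens or libtasn1: a linear pre-parse check, run wherever a workflow accepts certificate data destined for an affected device, that bounds the number of DER elements and their nesting depth before the blob reaches the real ASN.1 parser. The element and depth ceilings, the function names and the sample bytes are assumptions constructed for illustration.

```python
CONSTRUCTED = 0x20  # identifier-octet bit set on SEQUENCE/SET-style containers

def _read_length(buf: bytes, pos: int, end: int) -> tuple[int, int]:
    """Decode the DER length at buf[pos]; return (length, position after it)."""
    if pos >= end:
        raise ValueError("truncated length")
    first, pos = buf[pos], pos + 1
    if first < 0x80:                                 # short form
        return first, pos
    n = first & 0x7F                                 # long form: n length octets follow
    if n == 0 or n > 4 or pos + n > end:
        raise ValueError("malformed long-form length")
    return int.from_bytes(buf[pos:pos + n], "big"), pos + n

def count_der_elements(buf: bytes, max_elements: int = 10_000, max_depth: int = 32) -> tuple[int, int]:
    """Linear walk over every TLV: return (element_count, deepest_nesting), or raise ValueError
    as soon as the blob is malformed or exceeds the (assumed, illustrative) ceilings."""
    count, deepest = 0, 0
    stack = [(0, len(buf), 0)]                       # pending (pos, end, depth) ranges
    while stack:
        pos, end, depth = stack.pop()
        while pos < end:
            tag, pos = buf[pos], pos + 1
            if tag & 0x1F == 0x1F:                   # multi-octet tags do not occur in X.509
                raise ValueError("unexpected high-tag-number form")
            length, pos = _read_length(buf, pos, end)
            if pos + length > end:
                raise ValueError("element overruns its parent")
            count += 1
            if count > max_elements:
                raise ValueError(f"more than {max_elements} elements")
            deepest = max(deepest, depth)
            if tag & CONSTRUCTED:                    # queue the children for walking
                if depth + 1 > max_depth:
                    raise ValueError("nesting too deep")
                stack.append((pos, pos + length, depth + 1))
            pos += length
    return count, deepest

def within_limits(buf: bytes, max_elements: int = 10_000, max_depth: int = 32) -> bool:
    """Admission gate: True only if the blob may be handed to the real ASN.1 parser."""
    try:
        count_der_elements(buf, max_elements, max_depth)
        return True
    except ValueError:
        return False

# Constructed sample, not a real certificate: SEQUENCE { SEQUENCE { INTEGER 2 }, INTEGER 7 }
SAMPLE = bytes.fromhex("30 08 30 03 02 01 02 02 01 07")
```

The walk is linear in the input size, so it is cheap to apply to every blob regardless of how the downstream parser behaves on pathological structures.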

Evidence notes

This debrief is based on the supplied CISA CSAF source item for ICSA-25-162-05 and the referenced Siemens ProductCERT advisory SSA-082556. The CVE was published on 2025-06-10 and last updated on 2026-05-14 in the supplied timeline. The advisory corpus provided here indicates no fix is available and does not include a CISA KEV listing for this CVE.

Official resources

CVE-2024-12133 was published in CISA advisory ICSA-25-162-05 on 2025-06-10 and updated on 2026-05-14. The supplied advisory data does not list the CVE in CISA KEV.