PatchSiren

CVE-2024-29857 Siemens CVE debrief

CVE-2024-29857 is a high-severity availability issue affecting Siemens SIDIS Prime versions before 4.0.800. According to the CISA/Siemens advisory chain, importing an EC certificate with crafted F2m parameters can drive excessive CPU consumption while curve parameters are evaluated. The vendor remediation is to update to V4.0.800 or later.

Vendor: Siemens
Product: SIDIS Prime
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-10
Original CVE updated: 2026-03-12
Advisory published: 2026-03-10
Advisory updated: 2026-03-12

Who should care

Operators and administrators responsible for Siemens SIDIS Prime deployments, especially systems that import or process EC certificates. Security teams should also review any environments where SIDIS Prime is exposed to untrusted certificate input.

Technical summary

The advisory describes a CPU-consumption problem in certificate handling tied to evaluation of elliptic-curve parameters. Specifically, crafted EC certificates with F2m parameters can trigger expensive processing in ECCurve.java and ECCurve.cs, resulting in excessive CPU use and an availability impact. The advisory’s CVSS vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, reflecting a network-reachable, low-complexity denial-of-service condition.
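What "an EC certificate with F2m parameters" looks like at the DER level, as an added example that is not code from Siemens or from the advisory: a pre-import screen that walks the encoding and reports the declared field degree m when a FieldID uses the X9.62 characteristic-two-field OID (1.2.840.10045.1.2). The function names, the reject-all-explicit-F2m policy and both sample byte strings are assumptions constructed for illustration.

```python
# Added example (not Siemens code): detect explicit F2m EC field parameters in DER.
# Minimal TLV walker, not a full X.509 parser.
OID, INTEGER, SEQUENCE = 0x06, 0x02, 0x30
F2M_FIELD = bytes.fromhex("2a8648ce3d0102")  # 1.2.840.10045.1.2 characteristic-two-field

def read_tlvs(buf):
    """Split buf into [(tag, value)] DER elements; raise ValueError if malformed."""
    out, i = [], 0
    while i < len(buf):
        if i + 2 > len(buf) or buf[i] & 0x1F == 0x1F:
            raise ValueError("truncated or unsupported DER header")
        tag, length = buf[i], buf[i + 1]
        i += 2
        if length & 0x80:  # long form: low 7 bits give the number of length octets
            n = length & 0x7F
            if not 1 <= n <= 4 or i + n > len(buf):
                raise ValueError("bad DER length")
            length = int.from_bytes(buf[i:i + n], "big")
            i += n
        if i + length > len(buf):
            raise ValueError("DER element overruns buffer")
        out.append((tag, buf[i:i + length]))
        i += length
    return out

def explicit_f2m_degree(der):
    """Return degree m of an explicit characteristic-two FieldID in der, else None."""
    for tag, value in read_tlvs(der):
        if not tag & 0x20:  # primitive: no nested elements to inspect
            continue
        kids = read_tlvs(value)
        # FieldID ::= SEQUENCE { fieldType OID, parameters SEQUENCE { m INTEGER, ... } }
        if tag == SEQUENCE and kids and kids[0] == (OID, F2M_FIELD):
            params = read_tlvs(kids[1][1]) if len(kids) > 1 else []
            if not params or params[0][0] != INTEGER:
                raise ValueError("characteristic-two FieldID without degree m")
            return int.from_bytes(params[0][1], "big")
        m = explicit_f2m_degree(value)
        if m is not None:
            return m
    return None

def allow_import(der):
    """Assumed local policy: accept only well-formed input with no explicit F2m field."""
    try:
        return explicit_f2m_degree(der) is None
    except (ValueError, RecursionError):  # malformed or absurdly nested input
        return False

# Constructed samples: AlgorithmIdentifier fragments, not real certificates.
NAMED_CURVE = bytes.fromhex("301306072a8648ce3d020106082a8648ce3d030107")
EXPLICIT_F2M = bytes.fromhex(
    "302c06072a8648ce3d02013021020101301c06072a8648ce3d01023011"
    "020200a306092a8648ce3d010203010500")
```

The input must be DER bytes, so decode PEM first. A False result from allow_import is a reason to hold the file for review before it reaches the product's import path; it does not replace the update to V4.0.800 or later.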

Defensive priority

High. The issue is rated CVSS 7.5 and can materially affect availability by consuming CPU during certificate import or validation. Systems that rely on SIDIS Prime should be checked promptly and upgraded.

Recommended defensive actions

  • Update Siemens SIDIS Prime to V4.0.800 or later as directed in the advisory.
  • Inventory where SIDIS Prime is deployed and determine whether EC certificate import is enabled or reachable.
  • Prioritize remediation on systems that process untrusted or externally supplied certificates.
  • Monitor affected systems for abnormal CPU spikes during certificate handling and validate that the fixed version is deployed.
  • Use CISA- and vendor-recommended practices to reduce exposure while patching, and verify the advisory guidance before making operational changes.

Evidence notes

The source corpus ties CVE-2024-29857 to Siemens SIDIS Prime in CISA advisory ICSA-26-071-03, republished from Siemens ProductCERT SSA-485750. The advisory was published on 2026-03-10 and republished on 2026-03-12. The supplied remediation states: update to V4.0.800 or later. The provided CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Official resources

Public advisory data was published on 2026-03-10 and republished by CISA on 2026-03-12. The source corpus identifies Siemens SIDIS Prime as the affected product family and recommends updating to V4.0.800 or later.