PatchSiren

CVE-2024-30045 Siemens CVE debrief

A remote code execution vulnerability in .NET and Visual Studio, published 2024-08-13, affects Siemens INTRALOG WMS. The vulnerability could allow arbitrary code execution on INTRALOG WMS application servers. Exploitation requires the attacker to be located within the controlled network of the INTRALOG WMS deployment, which limits the attack surface to insider threats or compromised network segments rather than internet-facing exposure. Siemens remediates the issue in version 4 and later. The CVSS 3.1 score of 5.5 (Medium) reflects the adjacent network attack vector and the user interaction requirement.

Vendor: Siemens
Product: INTRALOG WMS
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-08-13
Original CVE updated: 2024-08-13
Advisory published: 2024-08-13
Advisory updated: 2024-08-13

Who should care

This advisory concerns organizations operating Siemens INTRALOG WMS warehouse management systems, particularly those with network segments accessible to multiple users or integrated with broader enterprise IT environments. Security teams responsible for OT/ICS environments and supply chain logistics infrastructure should prioritize this update.

Technical summary

CVE-2024-30045 is a remote code execution vulnerability in .NET and Visual Studio that affects the Siemens INTRALOG WMS warehouse management system. The vulnerability allows potential execution of arbitrary code on INTRALOG WMS application servers. Exploitation is constrained by a network precondition: the attacker must be located within the controlled network of the INTRALOG WMS deployment (AV:A). The CVSS 3.1 vector CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L yields a base score of 5.5 (Medium). Siemens has remediated this in version 4 and later. The vulnerability was disclosed on 2024-08-13 through coordinated disclosure between Microsoft (for the underlying .NET/Visual Studio component) and Siemens (for the affected product integration).

Defensive priority

Medium

Recommended defensive actions

  • Update Siemens INTRALOG WMS to version 4 or later per vendor guidance
  • Restrict network access to INTRALOG WMS application servers to authorized personnel only
  • Monitor for anomalous activity on INTRALOG WMS servers from internal network segments
  • Apply defense-in-depth controls for industrial control systems per CISA guidance
  • Review Microsoft security guidance for CVE-2024-30045 for additional .NET/Visual Studio mitigations

Evidence notes

CVE published 2024-08-13. CISA CSAF advisory ICSA-24-228-02 confirms Siemens INTRALOG WMS as an affected product. Vendor fix available: update to V4 or later. The attack vector requires adjacent network access per CVSS:3.1/AV:A.