PatchSiren

CVE-2024-30172 Siemens CVE debrief

CVE-2024-30172 is a high-severity availability issue in the Bouncy Castle Java Cryptography APIs that Siemens lists as affecting SIDIS Prime. The source advisory states that a crafted Ed25519 signature and public key can trigger an infinite loop in verification code in Bouncy Castle versions before 1.78. Siemens lists SIDIS Prime versions before V4.0.800 as affected and recommends updating to V4.0.800 or later.

Vendor: Siemens
Product: SIDIS Prime
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-10
Original CVE updated: 2026-03-12
Advisory published: 2026-03-10
Advisory updated: 2026-03-12

Who should care

Security and operations teams responsible for Siemens SIDIS Prime, especially environments running versions before V4.0.800. Also relevant are application teams and platform owners that embed or depend on Bouncy Castle Java Cryptography APIs, since the underlying issue is in Ed25519 verification logic.

Technical summary

The advisory describes an infinite-loop condition in Ed25519 verification within Bouncy Castle Java Cryptography APIs before 1.78. The trigger is a crafted signature and public key. In the supplied advisory data, Siemens SIDIS Prime is listed as affected for versions before V4.0.800, with remediation to update to V4.0.800 or later. The supplied CVSS vector indicates network attackability, no privileges or user interaction, and high availability impact.

Defensive priority

High. The supplied CVSS 3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, which makes this a readily reachable denial-of-service style availability risk. Prioritize patching where SIDIS Prime or dependent Bouncy Castle components are deployed and exposed to untrusted inputs.

Recommended defensive actions

  • Update Siemens SIDIS Prime to V4.0.800 or later as directed in the advisory.
  • Inventory any deployments that include Bouncy Castle Java Cryptography APIs and confirm whether they are below version 1.78.
  • Treat Ed25519 verification paths as high-risk input-handling code and monitor for abnormal hangs or stuck worker threads until remediation is complete.
  • If immediate patching is not possible, restrict exposure of affected services to trusted network paths and validate that only expected certificates, keys, and signatures are processed.
  • Confirm vendor maintenance guidance and any product-specific mitigations from the Siemens advisory before making operational changes.
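
One way to carry out the inventory step above, as an added example that is not part of the Siemens or CISA advisory. It assumes Maven-style Bouncy Castle file names such as bcprov-jdk18on-1.77.jar and relies on file names only, so shaded or renamed copies of the library will not be found.

```python
import os
import re
import sys
import tempfile
import zipfile

FIXED = (1, 78)  # first fixed Bouncy Castle release named in the advisory text
# Assumption: Maven-style artifact names, e.g. bcprov-jdk18on-1.77.jar
BC_JAR = re.compile(
    r"^(bc(?:prov|pkix|util|pg|mail|tls)(?:-[a-z0-9]+)*)-(\d+(?:\.\d+)+)\.jar$")
ARCHIVES = (".jar", ".war", ".ear")


def check(location, filename, findings):
    """Record the jar if it is a Bouncy Castle artifact older than FIXED."""
    m = BC_JAR.match(filename.lower())
    if m and tuple(int(p) for p in m.group(2).split(".")) < FIXED:
        findings.append((location, m.group(1), m.group(2)))


def scan(root):
    """Return sorted (location, artifact, version) for jars on disk or in archives."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            check(path, fname, findings)
            if fname.lower().endswith(ARCHIVES) and zipfile.is_zipfile(path):
                with zipfile.ZipFile(path) as zf:  # one level into WAR/EAR/fat jars
                    for entry in zf.namelist():
                        check(f"{path}!{entry}", entry.rsplit("/", 1)[-1], findings)
    return sorted(findings)


def demo():
    """Scan a constructed tree: one old jar, one fixed jar, one old jar in a WAR."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "lib"))
        for name in ("bcprov-jdk18on-1.77.jar", "bcprov-jdk18on-1.78.jar"):
            open(os.path.join(root, "lib", name), "wb").close()
        with zipfile.ZipFile(os.path.join(root, "app.war"), "w") as zf:
            zf.writestr("WEB-INF/lib/bcprov-jdk15on-1.70.jar", b"")
        return [(artifact, version) for _loc, artifact, version in scan(root)]


if __name__ == "__main__":
    rows = scan(sys.argv[1]) if len(sys.argv) > 1 else demo()
    for row in rows:
        print(*row)
```

Run it with an installation directory as the only argument; with no argument it scans the constructed sample tree.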

Evidence notes

Supplied source data identifies CISA advisory ICSA-26-071-03 and Siemens ProductCERT advisory SSA-485750. The description states: 'An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.' The advisory metadata lists Siemens SIDIS Prime as the affected product with version range 'vers:intdot/<4.0.800' and remediation 'Update to V4.0.800 or later version.' Published and modified dates supplied for the CVE and source item are 2026-03-10 and 2026-03-12T06:00:00Z.

Official resources

Publicly disclosed through the CISA/Siemens advisory chain on 2026-03-10, with a CISA republication update on 2026-03-12.