PatchSiren cyber security CVE debrief
CVE-2024-34057 Siemens CVE debrief
Triangle Microworks TMW IEC 61850 Client source code libraries before version 12.2.0 contain a buffer overflow vulnerability due to missing buffer size checks when processing received messages. This vulnerability can cause crashes leading to denial of service conditions. The vulnerability affects Siemens industrial control products that incorporate the vulnerable third-party library, including ET85 Ethernet Interface IEC61850 Ed.2, ETI5 Ethernet Interface, SICAM SCC, and SITIPE AT systems. The vulnerability was disclosed on September 10, 2024, with subsequent updates through December 9, 2025, adding affected products and corrected fix versions. Siemens has released patches for all affected products.
- Vendor
- Siemens
- Product
- ET85 Ethernet Interface IEC61850 Ed.2
- CVSS
- HIGH 8.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-09-10
- Original CVE updated
- 2025-12-09
- Advisory published
- 2024-09-10
- Advisory updated
- 2025-12-09
Who should care
Organizations operating Siemens SICAM and SITIPE product lines with IEC 61850 client functionality, particularly in electric utility substation automation, power generation, and industrial control environments. Asset owners using ET85 or ETI5 Ethernet interface modules for IEC 61850 Ed.2 communications. Security teams responsible for OT/ICS network protection and patch management. Compliance officers tracking third-party component vulnerabilities in critical infrastructure systems.
Technical summary
The vulnerability exists in Triangle Microworks TMW IEC 61850 Client source code libraries prior to version 12.2.0. When processing received messages, the library fails to perform adequate buffer size validation, allowing a buffer overflow condition. This can be triggered by malformed network messages and results in process crashes, causing denial of service to IEC 61850 client functionality. The vulnerability is exploitable remotely without authentication (AV:N/AC:L/PR:N/UI:N per CVSS:3.1 vector). Siemens products incorporating this library as a third-party component are affected, including ET85 Ethernet Interface IEC61850 Ed.2, ETI5 Ethernet Interface, SICAM SCC, and SITIPE AT. The vulnerability does not affect confidentiality but has high availability impact.
Defensive priority
HIGH
Recommended defensive actions
- Apply vendor-provided firmware updates: ET85 Ethernet Interface IEC61850 Ed.2 to V03.27 or later (available in CP-8000/CP-8021/CP-8022 Package V16.52)
- Apply vendor-provided firmware updates: ETI5 Ethernet Int. 1x100TX IEC61850 to V05.30 or later (available in CP-8031/CP-8050 Package V5.30)
- Apply vendor-provided software updates: SICAM SCC to V9.14 HF2 or later version
- Apply vendor-provided software updates: SITIPE AT to V3.21 or later version
- Implement network segmentation to limit exposure of affected IEC 61850 client systems to untrusted networks
- Monitor for anomalous traffic patterns targeting IEC 61850 MMS protocol services
- Review CISA ICS recommended practices for defense-in-depth strategies for industrial control systems
Evidence notes
CVE published 2024-09-10; CISA advisory ICSA-24-256-16 published same date; advisory modified 2024-12-10 to correct SICAM SCC fix version and add ET85 as affected product; further modified 2025-05-13 to add SITIPE AT fix and rename product; final modification 2025-12-09 to add ET85 fix version. CVSS 8.2 HIGH severity. Not listed in CISA KEV.
Official resources
-
CVE-2024-34057 CVE record
CVE.org
-
CVE-2024-34057 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-09-10