PatchSiren cyber security CVE debrief
CVE-2024-35208 Siemens CVE debrief
CVE-2024-35208 is a medium-severity vulnerability (CVSS 6.3) affecting Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0), an industrial network monitoring product. The vulnerability involves cleartext password storage in the affected web server, which could allow an attacker in a privileged network position to obtain access credentials. The issue was published on June 11, 2024, and last modified on May 6, 2025. Siemens has released a vendor fix in version 1.2 or later. The vulnerability requires local access and low attack complexity with low privileges, but has a changed scope impact. Organizations should prioritize patching to version 1.2 or later and implement defense-in-depth strategies for industrial control systems.
- Vendor
- Siemens
- Product
- SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)
- CVSS
- MEDIUM 6.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-06-11
- Original CVE updated
- 2025-05-06
- Advisory published
- 2024-06-11
- Advisory updated
- 2025-05-06
Who should care
Organizations operating Siemens SINEC Traffic Analyzer in industrial environments, OT security teams, critical infrastructure operators, and network administrators responsible for industrial network monitoring infrastructure
Technical summary
The SINEC Traffic Analyzer web server stores passwords in cleartext, violating secure credential storage practices. An attacker positioned with local network access and low privileges can extract these credentials, potentially leading to unauthorized system access. The vulnerability's changed scope (S:C) indicates impact beyond the vulnerable component's security authority. The fix in version 1.2 implements proper password protection mechanisms.
Defensive priority
medium
Recommended defensive actions
- Update Siemens SINEC Traffic Analyzer to version 1.2 or later
- Review and rotate any potentially exposed credentials
- Implement network segmentation to limit privileged network positions
- Apply defense-in-depth strategies for industrial control system environments
- Monitor for unauthorized access attempts to SINEC Traffic Analyzer systems
Evidence notes
The vulnerability description and remediation details are sourced from CISA's CSAF advisory ICSA-24-165-13, which references Siemens' official security advisory SSA-196737. The CVSS vector (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L) indicates local attack vector, low attack complexity, low privileges required, no user interaction, changed scope, and low impacts to confidentiality, integrity, and availability.
Official resources
-
CVE-2024-35208 CVE record
CVE.org
-
CVE-2024-35208 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-06-11