PatchSiren cyber security CVE debrief
CVE-2024-37990 Siemens CVE debrief
A medium-severity vulnerability (CVSS 6.5) in Siemens SIMATIC RFID readers allows attackers with privileged access to modify configuration files and enable unreleased features. Published September 10, 2024, this issue affects 27 Siemens SIMATIC RFID reader products including RF610R, RF615R, RF650R, RF680R, RF685R series readers, RF1140R, RF1170R, RF166C, RF185C, RF186C, RF186CI, RF188C, RF188CI, and RF360R models. The vulnerability stems from modifiable configuration files within affected applications that can be altered by privileged attackers to activate features not intended for release on specific devices. Siemens has released firmware updates to address this issue: RF1140R and RF1170R should be updated to V1.1 or later; RF166C, RF185C, RF186C, RF186CI, RF188C, RF188CI, and RF360R should be updated to V2.2 or later; and RF610R, RF615R, RF650R, RF680R, and RF685R series readers should be updated to V4.2 or later. The vulnerability was last modified May 6, 2025, with the revision addressing typo corrections.
- Vendor: Siemens
- Product: SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0)
- CVSS: MEDIUM 6.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-09-10
- Original CVE updated: 2025-05-06
- Advisory published: 2024-09-10
- Advisory updated: 2025-05-06
Who should care
Organizations using Siemens SIMATIC RFID readers in industrial environments, particularly those in manufacturing, logistics, and supply chain operations where RFID tracking is critical. Security teams responsible for industrial control system (ICS) security and asset management should prioritize firmware updates. System integrators and OT security practitioners managing Siemens SIMATIC product deployments should review access controls and monitor for configuration changes.
Technical summary
The affected Siemens SIMATIC RFID reader applications contain configuration files that can be modified by attackers with privileged access. This allows enabling features that are not released for the specific device. The vulnerability has a CVSS 3.1 score of 6.5 (Medium severity) with the vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H, indicating network attack vector, low attack complexity, high privileges required, no user interaction, unchanged scope, no confidentiality impact, but high integrity and availability impact. The issue affects 27 products across multiple SIMATIC RFID reader families. Siemens has provided specific firmware version updates as remediation: V1.1 or later for RF1140R/RF1170R; V2.2 or later for RF166C, RF185C, RF186C, RF186CI, RF188C, RF188CI, and RF360R; and V4.2 or later for RF610R, RF615R, RF650R, RF680R, and RF685R series readers.
Defensive priority
medium
Recommended defensive actions
- Apply vendor-provided firmware updates: update RF1140R and RF1170R to V1.1 or later; update RF166C, RF185C, RF186C, RF186CI, RF188C, RF188CI, and RF360R to V2.2 or later; update RF610R, RF615R, RF650R, RF680R, and RF685R series readers to V4.2 or later
- Restrict privileged access to affected Siemens SIMATIC RFID reader configuration files to authorized personnel only
- Monitor for unauthorized configuration changes on affected RFID reader devices
- Review and implement CISA ICS recommended practices for industrial control system security
- Segment affected RFID reader networks from untrusted networks to limit attack surface
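The fixed-version thresholds above, applied to a reader inventory as an added example (not code from this page or from Siemens). The inventory rows, the regex used to pull the model out of a product name, and the status labels are assumptions; any firmware below the stated minimum is treated as needing the update.

```python
import re

# Minimum fixed firmware (major, minor) per model, from the remediation text above.
FIXED = {}
for models, minimum in (
    ("RF1140R RF1170R", (1, 1)),
    ("RF166C RF185C RF186C RF186CI RF188C RF188CI RF360R", (2, 2)),
    ("RF610R RF615R RF650R RF680R RF685R", (4, 2)),
):
    for model in models.split():
        FIXED[model] = minimum

# Model token inside a product name such as "SIMATIC Reader RF610R CMIIT (...)".
MODEL_RE = re.compile(r"\bRF\d{3,4}(?:CI|C|R)\b")
VERSION_RE = re.compile(r"[Vv]?(\d+)\.(\d+)")

def triage(product, firmware):
    """Classify one inventory row: fixed / needs-update / unknown-version / not-listed."""
    model = MODEL_RE.search(product)
    if not model or model.group(0) not in FIXED:
        return "not-listed"
    version = VERSION_RE.match(firmware.strip())
    if not version:
        return "unknown-version"      # never assume a reader is patched
    # Compare numerically: as strings, "4.10" would sort below "4.2".
    found = (int(version.group(1)), int(version.group(2)))
    return "fixed" if found >= FIXED[model.group(0)] else "needs-update"

# Constructed sample inventory: only the first product name appears on this page;
# the other names and all firmware strings are made up for illustration.
INVENTORY = [
    ("SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0)", "V4.1"),
    ("SIMATIC RF186CI", "V2.2.1"),
    ("SIMATIC RF1170R", "1.0"),
    ("SIMATIC Reader RF685R", "V4.10"),
    ("SIMATIC RF360R", ""),
    ("Unrelated switch", "V9.9"),
]

def report(rows=INVENTORY):
    return [(product, firmware, triage(product, firmware)) for product, firmware in rows]

if __name__ == "__main__":
    for product, firmware, status in report():
        print(f"{status:16} {firmware or '-':8} {product}")
```

Rows reported as `unknown-version` should be followed up by hand rather than counted as patched.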
Evidence notes
CVE published 2024-09-10; modified 2025-05-06. Advisory ICSA-24-256-07 published same date. Affects 27 Siemens SIMATIC RFID reader products. CVSS 3.1 vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H.
Official resources
- CVE-2024-37990 CVE record (CVE.org)
- CVE-2024-37990 NVD detail (NVD)
- Source item URL (cisa_csaf)