PatchSiren cyber security CVE debrief

CVE-2024-41792 Siemens CVE debrief

CVE-2024-41792 affects Siemens SENTRON 7KT PAC1260 Data Manager devices and was published on 2025-04-08. The issue is a path traversal vulnerability in the web interface that could let an unauthenticated attacker access arbitrary files on the device with root privileges. Siemens’ advisory notes that no fix is currently planned, so exposure reduction and compensating controls are especially important.

Vendor: Siemens
Product: SENTRON 7KT PAC1260 Data Manager
CVSS v3.1: 8.6 (High)
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-04-08
Original CVE updated: 2025-04-08
Advisory published: 2025-04-08
Advisory updated: 2025-04-08

Who should care

Industrial control system owners, plant operators, OT security teams, and network defenders responsible for Siemens SENTRON 7KT PAC1260 Data Manager devices, especially where the web interface is reachable from shared or routed networks.

Technical summary

The supplied advisory describes a network-reachable path traversal flaw in the device web interface. The attacker does not need credentials, and successful exploitation could expose arbitrary files on the device with root-level access. Because the web process evidently runs as root, filesystem permissions offer no protection: configuration, stored credentials, and any other secrets on the device should be treated as readable by anyone who can reach the interface. The published CVSS vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N) indicates remote exploitation, low attack complexity, no privileges required, and a high confidentiality impact; the scope change (S:C) reflects that compromising the web application exposes the underlying device beyond the web application's own resources. The vector records no direct integrity or availability impact, but disclosed secrets can enable follow-on access.

Defensive priority

High. This is an unauthenticated remote issue affecting an OT/ICS device, and the advisory states there is no fix planned, so organizations should prioritize containment and access restriction wherever the web interface of these devices is reachable.

Recommended defensive actions

  • Inventory where Siemens SENTRON 7KT PAC1260 Data Manager devices are deployed and determine whether the web interface is enabled or reachable from any non-essential network.
  • Restrict access to the device management interface to trusted engineering or maintenance networks only; remove it from broader enterprise, guest, or internet-facing paths.
  • Apply OT network segmentation and defense-in-depth controls to reduce the chance that an attacker can reach the interface from less-trusted zones.
  • Monitor traffic to the web interface (via a network tap, a proxy or firewall in front of the device, or the device's own logs where available) for path-traversal patterns such as ../ sequences, including percent-encoded and double-encoded variants, and for any request originating outside the trusted management network.
  • Follow Siemens and CISA industrial-control-system hardening guidance for compensating controls and secure network architecture.
  • Track the Siemens advisory and CISA ICS advisory for any future remediation updates, given the current no-fix-planned status.
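The following is an added example, not code from the original page or from Siemens, showing how the monitoring item above can be implemented as a log-review check. It assumes Common Log Format access lines captured by a proxy or tap in front of the device (the actual SENTRON 7KT PAC1260 log format is not documented here), a constructed allowlist of engineering subnets, and constructed request paths; the /download?file= endpoint is a placeholder and is not the device's actual vulnerable endpoint. It normalizes the request target (repeated percent-decoding to catch double encoding, backslash-to-slash mapping), flags dot-dot segments and references to sensitive files, and flags any request whose source address lies outside the allowed management networks.

```python
import ipaddress
import re
from urllib.parse import unquote

# Constructed sample log lines (Common Log Format assumed). The request paths
# are placeholders for illustration, not the device's real endpoints.
SAMPLE_LOG = """\
10.10.5.21 - - [08/Apr/2025:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 1532
10.10.5.21 - - [08/Apr/2025:10:01:05 +0000] "GET /static/app.js HTTP/1.1" 200 8821
192.168.77.9 - - [08/Apr/2025:10:02:11 +0000] "GET /download?file=../../../../etc/passwd HTTP/1.1" 200 1847
192.168.77.9 - - [08/Apr/2025:10:02:13 +0000] "GET /download?file=..%2F..%2F..%2Fetc%2Fshadow HTTP/1.1" 200 912
192.168.77.9 - - [08/Apr/2025:10:02:15 +0000] "GET /download?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1847
10.10.5.22 - - [08/Apr/2025:10:03:00 +0000] "GET /api/status HTTP/1.1" 200 210
"""

# Assumed engineering/maintenance networks allowed to reach the web interface.
ALLOWED_NETS = [ipaddress.ip_network("10.10.5.0/24")]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]+)" (?P<status>\d{3}) (?P<size>\S+)'
)
TRAVERSAL_RE = re.compile(r"(^|/)\.\.(/|$)")
SENSITIVE_PATHS = ("/etc/passwd", "/etc/shadow", "/proc/", "/root/")


def normalize(target: str, rounds: int = 3) -> str:
    """Percent-decode until stable (bounded) and map backslashes to slashes,
    so encoded and double-encoded traversal collapses to a canonical form."""
    current = target
    for _ in range(rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current.replace("\\", "/")


def analyze_target(target: str) -> list:
    """Return the list of reasons a request target looks like a traversal attempt."""
    norm = normalize(target)
    reasons = []
    if TRAVERSAL_RE.search(norm):
        reasons.append("dot-dot segment")
    if any(s in norm.lower() for s in SENSITIVE_PATHS):
        reasons.append("sensitive path")
    # A second decoding pass changing the string means the client double-encoded it,
    # a common attempt to slip past naive filters.
    once = unquote(target)
    if unquote(once) != once:
        reasons.append("double-encoded")
    return reasons


def scan_log(text: str, allowed_nets: list) -> list:
    """Parse access-log lines and return alerts for traversal-like requests
    or for any request from outside the allowed management networks."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        reasons = analyze_target(m["target"])
        src = ipaddress.ip_address(m["ip"])
        if not any(src in net for net in allowed_nets):
            reasons.append("source outside allowed management networks")
        if reasons:
            alerts.append({"ip": m["ip"], "ts": m["ts"],
                           "target": m["target"], "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for a in scan_log(SAMPLE_LOG, ALLOWED_NETS):
        print(f'{a["ts"]} {a["ip"]} {a["target"]} -> {", ".join(a["reasons"])}')
```

Run against a real capture, the "source outside allowed management networks" reason alone is the cheapest high-value signal: with no fix available, any request that does not come from the engineering network is a segmentation failure worth investigating even when the path looks benign.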

Evidence notes

The source corpus identifies this as CVE-2024-41792 / ICSA-25-100-06 for Siemens SENTRON 7KT PAC1260 Data Manager. The description states the web interface contains a path traversal vulnerability that could allow an unauthenticated attacker to access arbitrary files on the device with root privileges. The remediation field says no fix is currently planned. The CVSS vector provided in the source is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N.

Official resources

Publicly disclosed in CISA ICS advisory ICSA-25-100-06 on 2025-04-08. No KEV listing was provided in the source corpus, and Siemens’ remediation status is no fix planned as of the publication date.