PatchSiren

CVE-2024-42512 Siemens CVE debrief

CVE-2024-42512 is a Siemens-disclosed authentication bypass affecting the OPC UA .NET Standard Stack before version 1.5.374.158. The issue is conditional: it applies when the deprecated Basic128Rsa15 security policy is enabled, and the CISA CSAF advisory maps it to multiple Siemens products including SIMATIC Energy Manager PRO V7.2-V7.5 and SIMIT V11. Updates are available for some affected products, while Siemens lists no fix planned for SIMATIC Energy Manager PRO V7.2 and V7.3.

Vendor: Siemens
Product: SIMATIC Energy Manager PRO V7.2
CVSS: HIGH 7.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-03-11
Original CVE updated: 2026-01-14
Advisory published: 2025-03-11
Advisory updated: 2026-01-14

Who should care

OT/ICS operators, Siemens product owners, and system integrators using affected Siemens products that rely on OPC UA connectivity, especially if Basic128Rsa15 is enabled anywhere in the environment.

Technical summary

The vulnerability is an authentication bypass in the OPC UA .NET Standard Stack prior to 1.5.374.158. According to the advisory description, an unauthorized attacker can bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled. Siemens' CSAF advisory ties the issue to affected product versions including SIMATIC Energy Manager PRO V7.2-V7.5 and SIMIT V11, with vendor remediation paths varying by product.

Defensive priority

High. The issue can enable unauthorized access, but exposure depends on the deprecated Basic128Rsa15 policy being enabled. Prioritize internet-exposed OPC UA deployments and those that span network trust zones, then verify whether affected Siemens products are present and whether vendor fixes are available for the installed versions.

Recommended defensive actions

  • Inventory Siemens products that use the OPC UA .NET Standard Stack and confirm whether any instance has Basic128Rsa15 enabled.
  • Apply Siemens remediations where available: update SIMIT V11 to V11.3 or later, SIMATIC Energy Manager PRO V7.4 to Update 7 or later, and SIMATIC Energy Manager PRO V7.5 to Update 2 or later.
  • For SIMATIC Energy Manager PRO V7.2 and V7.3, track Siemens guidance closely because the advisory states no fix is currently planned; use compensating controls and isolation.
  • Disable or retire deprecated Basic128Rsa15 wherever operationally possible, and prefer stronger supported security policies.
  • Restrict network access to affected OT assets and monitor for unexpected authentication activity on OPC UA services.
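
One way to carry out the Basic128Rsa15 inventory check, as an added example that is not code from Siemens, CISA or the OPC Foundation. It assumes endpoint policies are stored in an OPC UA .NET Standard style ApplicationConfiguration XML file with ServerSecurityPolicy entries; the function names, file suffixes and sample config are constructed for illustration.

```python
import os
import xml.etree.ElementTree as ET

DEPRECATED = "#basic128rsa15"  # suffix of the standard OPC UA policy URI

def _local(tag):  # drop the XML namespace so matching ignores prefixes
    return tag.rsplit("}", 1)[-1]

def find_basic128rsa15(xml_data):
    """Return [(SecurityMode, SecurityPolicyUri)] for each active
    ServerSecurityPolicy entry that enables Basic128Rsa15."""
    hits = []
    # The default parser discards XML comments, so commented-out
    # policy entries are not reported as enabled.
    for elem in ET.fromstring(xml_data).iter():
        if _local(elem.tag) != "ServerSecurityPolicy":
            continue
        fields = {_local(c.tag): (c.text or "").strip() for c in elem}
        uri = fields.get("SecurityPolicyUri", "")
        if uri.lower().endswith(DEPRECATED):
            hits.append((fields.get("SecurityMode", "unknown"), uri))
    return hits

def scan_tree(root_dir, suffixes=(".xml", ".config")):
    """Map each readable config file under root_dir to its findings."""
    findings = {}
    for folder, _, names in os.walk(root_dir):
        for name in names:
            if not name.lower().endswith(suffixes):
                continue
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as fh:
                    hits = find_basic128rsa15(fh.read())
            except (OSError, ET.ParseError):
                continue  # unreadable or not well-formed XML
            if hits:
                findings[path] = hits
    return findings

# Constructed sample config, not taken from any Siemens product.
SAMPLE_CONFIG = """<ApplicationConfiguration xmlns="http://opcfoundation.org/UA/SDK/Configuration.xsd">
<ServerConfiguration><SecurityPolicies>
<ServerSecurityPolicy><SecurityMode>SignAndEncrypt_3</SecurityMode>
<SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256</SecurityPolicyUri></ServerSecurityPolicy>
<ServerSecurityPolicy><SecurityMode>Sign_2</SecurityMode>
<SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15</SecurityPolicyUri></ServerSecurityPolicy>
<!-- <SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15</SecurityPolicyUri> -->
</SecurityPolicies></ServerConfiguration></ApplicationConfiguration>"""
```

An empty result from scan_tree covers only XML files found on disk; policies configured through a product's own settings interface still need to be checked there.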

Evidence notes

Based on the CISA CSAF advisory ICSA-25-072-09 and Siemens ProductCERT advisory SSA-858251, published 2025-03-11 and republished by CISA on 2026-01-14. The source revision history notes a June 10, 2025 update adding a fix for SIMIT V11. The advisory states no fix is planned for SIMATIC Energy Manager PRO V7.2 and V7.3. No Known Exploited Vulnerabilities listing was provided in the supplied corpus.

Official resources

Publicly disclosed through Siemens ProductCERT and CISA CSAF on 2025-03-11, with CISA republication noted in the source revision history on 2026-01-14. The supplied corpus does not include KEV entry details.