PatchSiren cyber security CVE debrief
CVE-2024-45385 Siemens CVE debrief
A reflected cross-site scripting (XSS) vulnerability in Siemens Industrial Edge Management OS (IEM-OS) could allow attackers to extract sensitive information by tricking users into accessing malicious links. Published January 14, 2025, this MEDIUM severity issue (CVSS 4.7) affects the IEM-OS platform with no patch planned; Siemens recommends migrating to Industrial Edge Management Virtual (IEM-V) as the remediation path.
- Vendor: Siemens
- Product: Industrial Edge Management OS (IEM-OS)
- CVSS: MEDIUM 4.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-01-14
- Original CVE updated: 2025-01-14
- Advisory published: 2025-01-14
- Advisory updated: 2025-01-14
Who should care
Organizations operating Siemens Industrial Edge Management OS (IEM-OS) for industrial edge computing infrastructure, particularly in manufacturing, energy, and critical infrastructure sectors. Security teams responsible for OT/ICS environments, network administrators managing edge device deployments, and compliance officers tracking unpatched vulnerabilities in industrial control systems should prioritize migration planning.
Technical summary
CVE-2024-45385 is a reflected cross-site scripting vulnerability in Siemens Industrial Edge Management OS (IEM-OS). The flaw allows attackers to craft malicious URLs that, when accessed by authenticated users, execute arbitrary scripts in the context of the IEM-OS web interface. This could lead to session hijacking, credential theft, or unauthorized actions. The CVSS 3.1 score of 4.7 (MEDIUM) reflects network attack vector, high attack complexity, required user interaction, and changed scope with low confidentiality and integrity impact. Exploitation requires social engineering to induce users to click malicious links. Siemens has classified this as 'no fix planned' for IEM-OS, directing users to migrate to Industrial Edge Management Virtual (IEM-V) as the definitive remediation.
Defensive priority
medium
Recommended defensive actions
- Migrate affected IEM-OS deployments to Industrial Edge Management Virtual (IEM-V) per vendor guidance
- Implement network segmentation to limit IEM-OS web interface exposure
- Deploy web application firewalls with XSS filtering rules for IEM-OS interfaces
- Enforce principle of least privilege for IEM-OS administrative access
- Monitor for suspicious URL patterns targeting IEM-OS endpoints
- Apply defense-in-depth strategies per CISA ICS recommended practices
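As an added illustration of the monitoring recommendation above (example code written for this debrief, not from Siemens, CISA or the advisory), the following Python script scans web-server access logs for requests to the IEM-OS web interface whose decoded query string carries script-injection markers. The `/iem/` path prefix and the sample log lines are constructed assumptions, since the advisory does not name the vulnerable endpoint.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Assumption: the IEM-OS web UI lives under this prefix; the advisory does not
# name the vulnerable endpoint, so adjust it to your deployment.
IEM_PATH_PREFIX = "/iem/"

# Markers typical of reflected script injection, checked against the decoded query.
XSS_MARKERS = re.compile(r"<\s*script|javascript\s*:|\bon[a-z]+\s*=|<\s*(?:img|svg|iframe)\b", re.I)

# Common/combined access-log format: client ident user [timestamp] "request" status ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')


def fully_decode(value, max_rounds=3):
    """Peel nested percent-encoding (%253C -> %3C -> <) so double-encoded payloads are not missed."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def flag_xss_attempts(lines, path_prefix=IEM_PATH_PREFIX):
    """Return one record per request to the IEM-OS UI whose decoded query carries an XSS marker."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        parsed = urlsplit(m.group("target"))
        if not parsed.path.startswith(path_prefix):
            continue  # other applications on the same host are out of scope
        marker = XSS_MARKERS.search(fully_decode(parsed.query))
        if marker:
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"), "path": parsed.path,
                         "marker": marker.group(0), "status": int(m.group("status"))})
    return hits


# Constructed sample lines (not real traffic): benign, plain-encoded payload,
# double-encoded payload, benign lookalike ("one"), and an out-of-scope path.
SAMPLE_LOG = [
    '10.0.0.5 - - [14/Jan/2025:10:00:01 +0000] "GET /iem/devices?page=2 HTTP/1.1" 200 512',
    '10.0.0.9 - - [14/Jan/2025:10:00:07 +0000] "GET /iem/devices?search=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 1024',
    '10.0.0.9 - - [14/Jan/2025:10:00:12 +0000] "GET /iem/login?next=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 302 0',
    '10.0.0.7 - - [14/Jan/2025:10:00:20 +0000] "GET /iem/devices?name=station-one HTTP/1.1" 200 700',
    '10.0.0.3 - - [14/Jan/2025:10:00:25 +0000] "GET /other/app?q=%3Cscript%3E HTTP/1.1" 404 0',
]
```

A hit with a 200 status on the IEM-OS interface is the case to triage first, since the reflected payload was served back rather than rejected.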
Evidence notes
Source corpus confirms reflected XSS in IEM-OS with CVSS 3.1 vector AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:U/RC:C. CISA advisory ICSA-25-016-02 and Siemens SSA-416411 provide authoritative technical details. No KEV listing or known ransomware campaign use is documented.
Official resources
- CVE-2024-45385 CVE record (CVE.org)
- CVE-2024-45385 NVD detail (NVD)
- Source item URL: cisa_csaf
CVE-2024-45385 was published on January 14, 2025, with CISA advisory ICSA-25-016-02 released the same day. The vulnerability was coordinated through Siemens ProductCERT with CSAF-formatted advisories.