PatchSiren cyber security CVE debrief
CVE-2024-50560 Siemens CVE debrief
CVE-2024-50560 is a Siemens SCALANCE W700 issue where usernames longer than 15 characters can be truncated when users connect over SSH or Telnet. According to the advisory, this may let an attacker affect system integrity. CISA lists the issue as low severity, but it still matters because it involves remote management access on affected industrial devices.
- Vendor: Siemens
- Product: SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS: LOW 3.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-11-12
- Original CVE updated: 2025-05-06
- Advisory published: 2024-11-12
- Advisory updated: 2025-05-06
Who should care
OT/ICS administrators, network security teams, and asset owners using the listed Siemens SCALANCE WAB/WAM/WUB/WUM devices should review this issue, especially where SSH or Telnet management access is enabled.
Technical summary
The advisory describes a username handling flaw in affected Siemens SCALANCE devices: usernames longer than 15 characters are truncated during SSH or Telnet access. That behavior can create an authentication or identity-handling mismatch and may allow an attacker to compromise system integrity. The supplied CVSS vector reflects network reachability, low attack complexity, low privileges, and integrity impact only.
Defensive priority
Moderate for environments with exposed remote management; otherwise lower. The CVSS score is LOW, but the flaw affects authentication-related access paths on industrial devices, so remediation should be tracked and applied on the normal patch cycle rather than deferred.
Recommended defensive actions
- Update affected devices to V3.0.0 or later, as directed by Siemens.
- Identify where the listed SCALANCE products are deployed and whether SSH or Telnet management is enabled.
- Restrict remote management access to trusted administration networks and approved operators only.
- Prefer disabling Telnet where operationally possible and use secure remote administration practices.
- Validate account and username policy handling after remediation, especially for usernames near or above 15 characters.
- Review CISA industrial control system recommended practices for defense-in-depth hardening.
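The technical summary and the post-remediation validation step both turn on the same mechanism: distinct usernames that share their first 15 characters become indistinguishable once truncated. The following is an added example, not code from the advisory or from Siemens; it checks a constructed account inventory for names that the stated 15-character limit would make ambiguous, so an administrator can spot collisions before and after applying the fix.

```python
# Added example (not from the advisory or Siemens): check an account inventory for
# usernames that a 15-character truncation would make ambiguous, as the advisory
# describes for SSH/Telnet access on affected SCALANCE W700 devices.
from collections import defaultdict

TRUNCATION_LIMIT = 15  # character limit stated in the advisory


def truncated_collisions(usernames, limit=TRUNCATION_LIMIT):
    """Group usernames by their first `limit` characters and return the groups
    in which two or more distinct accounts map to the same truncated name."""
    groups = defaultdict(set)
    for name in usernames:
        groups[name[:limit]].add(name)
    return {prefix: sorted(names) for prefix, names in groups.items() if len(names) > 1}


def over_limit(usernames, limit=TRUNCATION_LIMIT):
    """Return the usernames longer than `limit`, i.e. those that would be shortened."""
    return sorted(name for name in set(usernames) if len(name) > limit)


# Constructed sample inventory; these are not real accounts.
SAMPLE_ACCOUNTS = [
    "plant-operator-a",      # 16 chars -> truncated to "plant-operator-"
    "plant-operator-b",      # 16 chars -> same truncated form as above
    "plant-operator-",       # 15 chars, already equal to the truncated form
    "maint-readonly",        # 14 chars, unaffected
    "network-admin-site01",  # 20 chars, truncated but still unique
]

if __name__ == "__main__":
    for prefix, names in truncated_collisions(SAMPLE_ACCOUNTS).items():
        print(f"ambiguous after truncation to {prefix!r}: {names}")
    for name in over_limit(SAMPLE_ACCOUNTS):
        print(f"would be truncated: {name}")
```

Any non-empty result from `truncated_collisions` means two accounts would be presented to the device under one identity; renaming or removing one of them closes the ambiguity regardless of firmware version.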
Evidence notes
This debrief is based on the CISA CSAF advisory ICSA-25-044-09 and the Siemens product security advisory referenced there. The advisory text states that affected devices truncate usernames longer than 15 characters when accessed via SSH or Telnet and that this could allow an attacker to compromise system integrity. The source also lists the remediation as V3.0.0 or later. Publication context in the supplied timeline shows the CVE/advisory was published on 2025-02-11 and revised on 2025-05-06 for typos.
Official resources
- CVE-2024-50560 CVE record (CVE.org)
- CVE-2024-50560 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference
CISA published the advisory and CVE record on 2025-02-11, with a later revision on 2025-05-06 noted as typo fixes in the supplied revision history.