PatchSiren cyber security CVE debrief
CVE-2024-50561 Siemens CVE debrief
CVE-2024-50561 is a Siemens SCALANCE W700 issue in which affected devices do not properly sanitize filenames before upload. Siemens and CISA state this could let an authenticated remote attacker compromise system integrity. The advisory lists 19 affected SCALANCE WAB/WAM/WUB/WUM product variants and recommends updating to V3.0.0 or later.
- Vendor: Siemens
- Product: RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
- CVSS: MEDIUM 4.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-11-12
- Original CVE updated: 2025-05-06
- Advisory published: 2024-11-12
- Advisory updated: 2025-05-06
Who should care
Industrial control system operators, OT security teams, and Siemens SCALANCE administrators responsible for the listed WAB/WAM/WUB/WUM wireless access point and bridge models should prioritize this advisory, especially where file-upload features are exposed to trusted users or operational staff.
Technical summary
The advisory describes a filename-sanitization weakness in the upload path of affected Siemens SCALANCE devices. The supplied CVSS vector (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) limits the security impact to integrity, with no confidentiality or availability impact. The vector records no required privileges (PR:N) and required user interaction (UI:R), while the advisory's narrative text says an authenticated remote attacker could compromise system integrity. Siemens’ remediation is to update affected products to version V3.0.0 or later.
Defensive priority
Medium
Recommended defensive actions
- Upgrade all affected SCALANCE WAB/WAM/WUB/WUM devices to V3.0.0 or later using Siemens' remediation guidance.
- Inventory the 19 listed product variants to confirm which devices are deployed and whether any are running vulnerable firmware.
- Review access to any upload functionality on these devices and restrict it to trusted administrative workflows.
- Monitor device logs and configuration management processes for unexpected file-upload activity or integrity changes.
- Track Siemens and CISA advisory updates for any additional remediation details or product-specific notes.
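As an added illustration of the inventory and upgrade actions above (not code from Siemens, CISA or this site), the following Python triages an asset export against the V3.0.0 fix threshold. The CSV layout, hostnames and model strings are constructed, and the WAB/WAM/WUB/WUM prefix match is an assumed coarse pre-filter; the advisory's list of 19 variants remains the authoritative scope.

```python
import csv
import io
import re

FIXED = (3, 0, 0)  # from the advisory: update to V3.0.0 or later
FAMILIES = ("WAB", "WAM", "WUB", "WUM")  # family prefixes named in the advisory

# Constructed inventory export; hostnames, model strings and versions are made up.
SAMPLE_INVENTORY = """host,model,firmware
ap-line1,SCALANCE WAM-EXAMPLE-1,V2.5.1
ap-line2,SCALANCE WUM-EXAMPLE-2,V3.0.0
br-yard,SCALANCE WUB-EXAMPLE-3,2.0
ap-lab,SCALANCE WAB-EXAMPLE-4,unknown
sw-core,SCALANCE XEXAMPLE-5,V1.0.0
"""

def parse_version(text):
    """Return (major, minor, patch), or None if the string is not a dotted version."""
    m = re.fullmatch(r"\s*[Vv]?(\d+)(?:\.(\d+))?(?:\.(\d+))?\s*", text)
    if not m:
        return None
    return tuple(int(g or 0) for g in m.groups())

def in_scope(model):
    """Coarse pre-filter: any token of the model string starts with a listed family."""
    return any(tok.startswith(FAMILIES) for tok in model.upper().split())

def triage(inventory_csv):
    """Map each in-scope host to 'update', 'ok' or 'review' (version unreadable)."""
    result = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if not in_scope(row["model"]):
            continue
        version = parse_version(row["firmware"])
        if version is None:
            result[row["host"]] = "review"   # never assume an unreadable version is patched
        elif version < FIXED:
            result[row["host"]] = "update"
        else:
            result[row["host"]] = "ok"
    return result

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts marked `review` need a manual firmware check, since a missing or non-standard version string says nothing about patch status.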
Evidence notes
Primary evidence comes from the Siemens advisory mirrored in CISA CSAF (ICSA-25-044-09 / SSA-769027), published on 2025-02-11 and revised on 2025-05-06 for typo fixes only. The source lists 19 affected Siemens SCALANCE product variants and a single remediation: update to V3.0.0 or later. The supplied enrichment marks this as not a Known Exploited Vulnerability.
Official resources
- CVE-2024-50561 CVE record (CVE.org)
- CVE-2024-50561 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed on 2025-02-11 via Siemens and CISA advisories. The source was revised on 2025-05-06 for typo fixes only; no new issue date should be inferred from the revision.