PatchSiren cyber security CVE debrief

CVE-2024-50572 Siemens CVE debrief

CVE-2024-50572 affects multiple Siemens SCALANCE W700-series devices. According to CISA and Siemens, an authenticated remote attacker with administrative privileges could exploit improper input sanitization to inject code or spawn a system root shell. Siemens lists an update to V3.0.0 or later as the fix.

Vendor: Siemens
Product: SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
CVSS: HIGH 7.2
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-11-12
Original CVE updated: 2025-05-06
Advisory published: 2024-11-12
Advisory updated: 2025-05-06

Who should care

Operators and maintainers of Siemens SCALANCE WAB/WAM/WUB/WUM devices in industrial or OT networks, especially teams that allow remote administrative access.

Technical summary

The advisory describes an input sanitization weakness in affected SCALANCE devices. Because the vulnerable path can be reached by an authenticated remote attacker with administrative privileges, successful abuse could lead to code execution with root-level impact on confidentiality, integrity, and availability. The published remediation is to update affected products to V3.0.0 or later.

Defensive priority

High

Recommended defensive actions

  • Upgrade all affected Siemens SCALANCE WAB762-1, WAM763-1, WAM766-1, WUB762-1, and WUM763/766 variants to V3.0.0 or later as directed by Siemens.
  • Restrict administrative access to device management interfaces to trusted hosts and networks only.
  • Apply least-privilege access for administrative accounts and review who can manage affected devices.
  • Use CISA ICS recommended practices and Siemens guidance to harden OT management paths, logging, and change control.

Evidence notes

The supplied CISA CSAF advisory ICSA-25-044-09 and Siemens advisory SSA-769027 both state that affected devices do not properly sanitize an input field, allowing an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. The advisory covers 19 Siemens SCALANCE product variants and recommends updating to V3.0.0 or later. The advisory was published on 2025-02-11 and revised on 2025-05-06; the revision history says the later change fixed typos only. No KEV listing is included in the supplied enrichment.

Official resources

Publicly disclosed by CISA and Siemens on 2025-02-11 as ICSA-25-044-09 / SSA-769027; the 2025-05-06 revision fixed typos only.