PatchSiren cyber security CVE debrief
CVE-2024-6119 Siemens CVE debrief
CVE-2024-6119 affects multiple Siemens SCALANCE WAB/WAM/WUB/WUM wireless product variants when they perform certificate name checks during TLS client validation. According to the advisory, comparing an expected DNS name, email address, or IP address with an X.509 `otherName` subject alternative name can trigger an invalid memory read and terminate the application process, creating a denial-of-service condition. Siemens lists firmware V3.0.0 or later as the remediation across the affected products.
- Vendor
- Siemens
- Product
- SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-02-11
- Original CVE updated
- 2025-05-06
- Advisory published
- 2025-02-11
- Advisory updated
- 2025-05-06
Who should care
OT operators, network and security teams, and application owners using the affected Siemens SCALANCE wireless products in deployments that validate peer certificates by expected name. This is most relevant where the device or adjacent software performs TLS client-side certificate name checking.
Technical summary
The advisory describes a memory-safety fault in certificate name comparison logic. Basic certificate chain validation is not affected, but if an application also checks an expected DNS name, email address, or IP address, an X.509 certificate containing an `otherName` SAN may cause an invalid memory access and abnormal termination. Siemens notes that this is generally a client-side name-checking issue; TLS servers are usually not impacted because they typically do not perform reference-identifier name checks in the same way.
Defensive priority
High for environments running affected SCALANCE variants that rely on certificate name validation, because a malformed certificate can crash the application and disrupt service. Prioritize exposed OT deployments and any systems that terminate or proxy TLS for industrial workflows.
Recommended defensive actions
- Upgrade affected Siemens SCALANCE products to V3.0.0 or later, per the Siemens remediation guidance.
- Inventory where these products are deployed and determine whether any TLS workflows perform certificate name checks against DNS name, email address, or IP address identifiers.
- Test remediation in a maintenance window and verify that dependent OT communications still function after the update.
- Monitor for application crashes or unexpected terminations in TLS-enabled components that validate peer certificates.
- Use the Siemens and CISA advisories to confirm the exact affected model and firmware mapping before scheduling changes.
Evidence notes
Source evidence comes from the CISA CSAF advisory ICSA-25-044-09 and the linked Siemens advisory SSA-769027. The supplied advisory content states that 19 Siemens SCALANCE product variants are affected and that V3.0.0 or later is the vendor fix. The advisory publication date is 2025-02-11 and the later 2025-05-06 update is listed as typo fixes only. The advisory narrative emphasizes abnormal termination / denial of service in applications performing certificate name checks; it also states that basic chain validation is not affected and that TLS servers are generally not affected.
Official resources
-
CVE-2024-6119 CVE record
CVE.org
-
CVE-2024-6119 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Public advisory published 2025-02-11 and revised 2025-05-06 for typo fixes only. This debrief uses only the supplied advisory corpus and official links.