CVE-2024-41985
BaseFortify
Publication date: 2025-08-12
Last updated on: 2025-10-22
Assigner: Siemens AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | opcenter_quality | 13.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-613 | According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization." |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects SmartClient modules of Opcenter Quality, specifically Opcenter QL Home (SC), SOA Audit, and SOA Cockpit versions from V13.2 up to but not including V2506. The issue is that the application does not expire user sessions when they are left idle without logout. This means that if a session remains inactive, it can still be used, potentially allowing an attacker to gain unauthorized access by exploiting the non-expiring session. [1]
How can this vulnerability impact me? :
The vulnerability can allow an attacker to gain unauthorized access to the affected application if a legitimate user's session is left idle and not properly logged out. This unauthorized access could lead to potential misuse of the application or access to sensitive information within the system. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability involves sessions not expiring without logout in affected SmartClient modules. Detection can focus on monitoring session management behavior, such as identifying idle sessions that remain active beyond expected timeouts. While specific commands are not provided, network or system administrators can check active sessions on the application server or IIS web server hosting the application, and monitor for unusually long-lived sessions. Additionally, reviewing logs for session activity and using network monitoring tools to detect persistent session tokens may help identify the issue. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the affected SmartClient modules (Opcenter QL Home (SC), SOA Audit, SOA Cockpit) to version V2506 or later, as recommended by Siemens. Additionally, operate the SmartClient in secured network environments, apply least privilege principles, harden IIS web server configurations, and follow Siemensβ operational guidelines for Industrial Security. Ensuring sessions expire properly by configuring session timeouts or implementing logout mechanisms can also help mitigate unauthorized access due to idle sessions. [1]