CVE-2024-52504
BaseFortify
Publication date: 2025-08-12
Last updated on: 2025-08-12
Assigner: Siemens AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | siprotect_4_compact | 7sk81 |
| siemens | siprotect_4 | 7ve6 |
| siemens | siprotect_4 | 7vk61 |
| siemens | siprotect_4 | 7ss52 |
| siemens | siprotect_4 | 7sj62 |
| siemens | siprotect_4 | 7ut612 |
| siemens | siprotect_4 | 7ut63 |
| siemens | siprotect_4_compact | 7sk80 |
| siemens | siprotect_4 | 7um62 |
| siemens | siprotect_4 | 7um61 |
| siemens | siprotect_4 | 6md61 |
| siemens | siprotect_4 | 7sj66 |
| siemens | siprotect_4 | 6md665 |
| siemens | siprotect_4_compact | 7sj80 |
| siemens | siprotect_4 | 7sd5 |
| siemens | siprotect_4 | 6md63 |
| siemens | siprotect_4 | 7sa522 |
| siemens | siprotect_4 | 6md66 |
| siemens | siprotect_4_compact | 7sd80 |
| siemens | siprotect_4 | 7sj63 |
| siemens | siprotect_4_compact | 7sj81 |
| siemens | siprotect_4 | 7vu683 |
| siemens | siprotect_4 | 7sj64 |
| siemens | siprotect_4 | 7sd610 |
| siemens | siprotect_4_compact | 7rw80 |
| siemens | siprotect_4 | 7sa6 |
| siemens | siprotect_4 | 7sj61 |
| siemens | siprotect_4 | 7st6 |
| siemens | siprotect_4 | 7ut613 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects various SIPROTEC 4 and SIPROTEC 4 Compact devices used in electrical substations. The devices do not properly handle interrupted file transfer operations, which allows an unauthenticated remote attacker to cause a denial of service (DoS) condition. When exploited, the affected device stops functioning normally and requires a restart to restore operations. [1]
How can this vulnerability impact me? :
The impact of this vulnerability is a denial of service condition on the affected SIPROTEC devices. An attacker can remotely cause the devices to stop functioning properly without authentication, potentially disrupting protection, control, measurement, and automation functions in electrical substations. This disruption could affect the reliability and availability of critical power infrastructure until the device is restarted. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The provided resources do not include specific detection methods or commands to identify this vulnerability on your network or system. Detection would likely involve monitoring for denial of service conditions caused by interrupted file transfer operations on affected SIPROTEC 4 devices, but no explicit commands or tools are suggested. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying available security updates where provided, especially updating SIPROTEC 4 models 7SA6, 7SD5, and 7SD610 to version V4.78 or later. For devices without available fixes, implement general security measures such as network segmentation, firewalls, VPNs, and follow operational guidelines to protect devices within a secure IT environment. Additionally, ensure multi-level redundant secondary protection schemes are in place to maintain grid resilience and minimize cyber incident risks. If a denial of service occurs, restarting the affected device restores normal operations. [1]