CVE-2024-54678
BaseFortify

Publication date: 2025-08-12

Last updated on: 2025-12-09

Assigner: Siemens AG

Description
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 V17 (All versions < V17 Update 9), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions < V19 Update 4), SIMATIC STEP 7 V20 (All versions < V20 Update 4), SIMATIC WinCC V17 (All versions < V17 Update 9), SIMATIC WinCC V18 (All versions), SIMATIC WinCC V19 (All versions < V19 Update 4), SIMATIC WinCC V20 (All versions < V20 Update 4), SIMOCODE ES V17 (All versions), SIMOCODE ES V18 (All versions), SIMOCODE ES V19 (All versions), SIMOCODE ES V20 (All versions), SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA V5.5 (All versions), SIMOTION SCOUT TIA V5.6 (All versions < V5.6 SP1 HF7), SIMOTION SCOUT TIA V5.7 (All versions), SINAMICS Startdrive V17 (All versions), SINAMICS Startdrive V18 (All versions), SINAMICS Startdrive V19 (All versions), SINAMICS Startdrive V20 (All versions), SIRIUS Safety ES V17 (TIA Portal) (All versions), SIRIUS Safety ES V18 (TIA Portal) (All versions), SIRIUS Safety ES V19 (TIA Portal) (All versions), SIRIUS Safety ES V20 (TIA Portal) (All versions), SIRIUS Soft Starter ES V17 (TIA Portal) (All versions), SIRIUS Soft Starter ES V18 (TIA Portal) (All versions), SIRIUS Soft Starter ES V19 (TIA Portal) (All versions), SIRIUS Soft Starter ES V20 (TIA Portal) (All versions), TIA Portal Cloud V17 (All versions), TIA Portal Cloud V18 (All versions), TIA Portal Cloud V19 (All versions < V5.2.1.1), TIA Portal Cloud V20 (All versions < V5.2.2.2), TIA Portal Test Suite V20 (All versions < V20 Update 4). Affected products do not properly sanitize Interprocess Communication input received through a Windows Named Pipe accessible to all local users. This could allow an authenticated local attacker to cause a type confusion and execute arbitrary code within the affected application.
Meta Information
Published: 2025-08-12
Last Modified: 2025-12-09
Generated: 2026-05-07
AI Q&A: 2025-08-12
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 37 associated CPEs
Vendor Product Version / Range
siemens sirius_safety_es 17
siemens simocode_es 19
siemens simocode_es 20
siemens simotion_scout_tia 5.5
siemens simotion_scout_tia 5.6
siemens simatic_wincc 19
siemens simatic_pcs_neo 4.1
siemens simocode_es 17
siemens simotion_scout_tia 5.7
siemens simocode_es 18
siemens sirius_soft_starter_es 18
siemens sinamics_startdrive 20
siemens sirius_safety_es 19
siemens sirius_safety_es 20
siemens tia_portal_cloud 19
siemens sirius_safety_es 18
siemens simatic_step_7 19
siemens simatic_step_7 17
siemens tia_portal_cloud 17
siemens tia_portal_test_suite 20
siemens simatic_step_7 20
siemens sirius_soft_starter_es 19
siemens simatic_pcs_neo 6.0
siemens simatic_wincc 17
siemens sinamics_startdrive 19
siemens simatic_wincc 20
siemens simatic_wincc 18
siemens tia_portal_cloud 20
siemens sinamics_startdrive 18
siemens simatic_pcs_neo 5.0
siemens simatic_step_7 18
siemens sirius_soft_starter_es 17
siemens sirius_soft_starter_es 20
siemens simatic_s7-plcsim 17
siemens simotion_scout_tia 5.4
siemens tia_portal_cloud 18
siemens sinamics_startdrive 17
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a deserialization flaw in multiple Siemens engineering software products. It occurs because these products do not properly restrict access to a local Windows Named Pipe and fail to sanitize input received through it. This allows an authenticated local attacker to exploit type confusion and execute arbitrary code within the affected application, potentially gaining control over it. [1]


How can this vulnerability impact me?

If exploited, this vulnerability can allow a local authenticated attacker to execute arbitrary code within the affected application, potentially leading to full compromise of the software's functionality and its privilege context. This could result in unauthorized control over engineering and commissioning processes of Siemens automation hardware and systems, impacting operational integrity and security. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves improper sanitization of input received through a Windows Named Pipe accessible to all local users. Detection can focus on monitoring or inspecting access to Windows Named Pipes used by affected Siemens products. However, no specific detection commands or tools are provided in the available resources. General detection might involve auditing named pipe permissions and monitoring for unusual local access or attempts to interact with these pipes, but exact commands are not specified. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include running affected software on Windows hosts configured with only a single user on desktop systems, and restricting operating system-level access to administrators only on server systems. Users should also protect network access with appropriate security mechanisms and configure environments according to Siemens' operational guidelines for Industrial Security. Additionally, updating affected products to the latest versions or patches where available is strongly recommended. For products without available fixes, applying these mitigations is critical to reduce risk. [1]

