CVE-2024-37993
First published: Tue Sep 10 2024(Updated: )
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| siemens simatic rf360r firmware | <2.2 | |
| siemens simatic rf360r | ||
| All of | ||
| Siemens SIMATIC RF1170R | <1.1 | |
| Siemens SIMATIC RF1170R Firmware | ||
| All of | ||
| Siemens SIMATIC RF1140R Firmware | <1.1 | |
| Siemens SIMATIC RF1140R Firmware | ||
| All of | ||
| Siemens SIMATIC Reader RF685R FCC | <4.2 | |
| Siemens SIMATIC Reader RF685R FCC | ||
| All of | ||
| siemens SIMATIC Reader RF685R ETSI | <4.2 | |
| Siemens SIMATIC Reader RF685R ETSI Firmware | ||
| All of | ||
| Siemens SIMATIC Reader RF685R CMIIT Firmware | <4.2 | |
| Siemens SIMATIC Reader RF685R CMIIT | ||
| All of | ||
| siemens SIMATIC Reader RF685R ARIB | <4.2 | |
| siemens SIMATIC Reader RF685R ARIB firmware | ||
| All of | ||
| Siemens SIMATIC Reader RF680R FCC | <4.2 | |
| Siemens SIMATIC Reader RF680R FCC | ||
| All of | ||
| Siemens SIMATIC Reader RF680R ETSI | <4.2 | |
| Siemens SIMATIC Reader RF680R ETSI | ||
| All of | ||
| siemens SIMATIC Reader RF680R CMIIT | <4.2 | |
| siemens SIMATIC Reader RF680R CMIIT | ||
| All of | ||
| Siemens SIMATIC RF680R ARIB | <4.2 | |
| Siemens SIMATIC RF680R ARIB | ||
| All of | ||
| Siemens SIMATIC Reader RF650R FCC | <4.2 | |
| Siemens SIMATIC Reader RF650R FCC firmware | ||
| All of | ||
| siemens SIMATIC Reader RF650R ETSI firmware | <4.2 | |
| siemens SIMATIC Reader RF650R ETSI | ||
| All of | ||
| Siemens SIMATIC Reader RF650R CMIIT | <4.2 | |
| Siemens SIMATIC Reader RF650R FCC | ||
| All of | ||
| Siemens SIMATIC Reader RF650R ARIB firmware | <4.2 | |
| Siemens SIMATIC Reader RF650R ARIB firmware | ||
| All of | ||
| Siemens SIMATIC Reader RF615R FCC | <4.2 | |
| Siemens SIMATIC Reader RF615R CMIIT | ||
| All of | ||
| Siemens SIMATIC Reader RF615R ETSI | <4.2 | |
| Siemens SIMATIC Reader RF615R ETSI firmware | ||
| All of | ||
| Siemens SIMATIC Reader RF615R CMIIT | <4.2 | |
| Siemens SIMATIC Reader RF615R CMIIT | ||
| All of | ||
| Siemens SIMATIC Reader RF610R FCC | <4.2 | |
| Siemens SIMATIC Reader RF610R | ||
| All of | ||
| Siemens SIMATIC Reader RF610R ETSI | <4.2 | |
| Siemens SIMATIC Reader RF610R | ||
| All of | ||
| Siemens SIMATIC Reader RF610R CMIIT | <4.2 | |
| Siemens SIMATIC Reader RF610R | ||
| All of | ||
| Siemens Simatic RF188CI Firmware | <2.2 | |
| Siemens Simatic RF188CI Firmware | ||
| All of | ||
| Siemens SIMATIC RF188C Firmware | <2.2 | |
| Siemens Simatic RF188C | ||
| All of | ||
| Siemens Simatic RF186C | <2.2 | |
| Siemens Simatic RF186Ci Firmware | ||
| All of | ||
| Siemens Simatic RF186C | <2.2 | |
| Siemens Simatic RF186C Firmware | ||
| All of | ||
| Siemens Simatic RF185C Firmware | <2.2 | |
| Siemens Simatic RF185C Firmware | ||
| All of | ||
| siemens simatic rf166c firmware | <2.2 | |
| siemens simatic rf166c |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-37993?
The severity of CVE-2024-37993 is classified as high due to the potential exploitation in vulnerable Siemens SIMATIC Reader devices.
Which devices are affected by CVE-2024-37993?
CVE-2024-37993 affects Siemens SIMATIC Readers RF610R, RF615R, RF685R, and RF680R, among others that are below version 4.2.
How do I fix CVE-2024-37993?
To fix CVE-2024-37993, users should upgrade their SIMATIC Reader devices to version 4.2 or later.
What types of vulnerabilities are present in CVE-2024-37993?
CVE-2024-37993 may involve unauthorized access and manipulation of data due to insufficient security controls.
Is there a workaround for CVE-2024-37993?
Currently, the best recommendation is to update to the latest firmware version, as no official workarounds are provided for CVE-2024-37993.
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens simatic rf360r firmware
- canonical/siemens simatic rf360r
- canonical/siemens simatic rf1170r
- canonical/siemens simatic rf1170r firmware
- canonical/siemens simatic rf1140r firmware
- canonical/siemens simatic reader rf685r fcc
- canonical/siemens simatic reader rf685r etsi
- canonical/siemens simatic reader rf685r etsi firmware
- canonical/siemens simatic reader rf685r cmiit firmware
- canonical/siemens simatic reader rf685r cmiit
- canonical/siemens simatic reader rf685r arib
- canonical/siemens simatic reader rf685r arib firmware
- canonical/siemens simatic reader rf680r fcc
- canonical/siemens simatic reader rf680r etsi
- canonical/siemens simatic reader rf680r cmiit
- canonical/siemens simatic rf680r arib
- canonical/siemens simatic reader rf650r fcc
- canonical/siemens simatic reader rf650r fcc firmware
- canonical/siemens simatic reader rf650r etsi firmware
- canonical/siemens simatic reader rf650r etsi
- canonical/siemens simatic reader rf650r cmiit
- canonical/siemens simatic reader rf650r arib firmware
- canonical/siemens simatic reader rf615r fcc
- canonical/siemens simatic reader rf615r cmiit
- canonical/siemens simatic reader rf615r etsi
- canonical/siemens simatic reader rf615r etsi firmware
- canonical/siemens simatic reader rf610r fcc
- canonical/siemens simatic reader rf610r
- canonical/siemens simatic reader rf610r etsi
- canonical/siemens simatic reader rf610r cmiit
- canonical/siemens simatic rf188ci firmware
- canonical/siemens simatic rf188c firmware
- canonical/siemens simatic rf188c
- canonical/siemens simatic rf186c
- canonical/siemens simatic rf186ci firmware
- canonical/siemens simatic rf186c firmware
- canonical/siemens simatic rf185c firmware
- canonical/siemens simatic rf166c firmware
- canonical/siemens simatic rf166c