high
8.4
CWE
693
Advisory Published
Updated

CVE-2024-56181

First published: Tue Mar 11 2025(Updated: )

A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC BX-59A (All versions < V32.01.04), SIMATIC IPC PX-32A (All versions < V29.01.07), SIMATIC IPC PX-39A (All versions < V29.01.07), SIMATIC IPC PX-39A PRO (All versions < V29.01.07), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions < V25.02.15), SIMATIC IPC647E (All versions < V25.02.15), SIMATIC IPC677E (All versions < V25.02.15), SIMATIC IPC847E (All versions < V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.

Credit: productcert@siemens.com

Affected SoftwareAffected VersionHow to fix
Siemens Simatic Field PG M5<=all versions
Siemens SIMATIC IPC BX-21A<31.01.07
Siemens SIMATIC IPC BX-32A<29.01.07
Siemens SIMATIC IPC BX-39A<29.01.07
Siemens SIMATIC IPC BX-59A<32.01.04
Siemens SIMATIC IPC PX-32A<29.01.07
Siemens SIMATIC IPC PX-39A PRO<29.01.07
Siemens SIMATIC IPC PX-39A PRO<29.01.07
Siemens SIMATIC IPC RC-543B<=all versions
Siemens SIMATIC IPC<=all versions
Siemens Simatic IPC127E Firmware<=all versions
Siemens SIMATIC IPC227E<=all versions
Siemens Simatic IPC227G Firmware<=all versions
Siemens SIMATIC IPC277E<=all versions
Siemens SIMATIC IPC277G PRO<=all versions
Siemens SIMATIC IPC277G PRO<=all versions
Siemens SIMATIC IPC3000 SMART V3<=all versions
Siemens Simatic IPC327G Firmware<=all versions
Siemens SIMATIC IPC347G<=all versions
Siemens Simatic IPC377G<=all versions
Siemens Simatic IPC427E Firmware<=all versions
Siemens Simatic IPC477E Firmware<=all versions
Siemens Simatic IPC477E Firmware<=all versions
Siemens Simatic IPC527G Firmware<=all versions
Siemens Simatic IPC627E Firmware<25.02.15
Siemens Simatic IPC647E Firmware<25.02.15
Siemens Simatic IPC677E Firmware<25.02.15
Siemens Simatic IPC847E Firmware<25.02.15
Siemens Simatic ITP1000 Firmware<=all versions

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What devices are affected by CVE-2024-56181?

    CVE-2024-56181 affects various models of Siemens SIMATIC devices including Field PG M5, IPC BX, PX series, and others with specific versions.

  • What is the severity level of CVE-2024-56181?

    The severity level of CVE-2024-56181 is classified as critical due to the potential impact on the security of affected devices.

  • How can I mitigate CVE-2024-56181?

    To mitigate CVE-2024-56181, it is recommended to update the affected devices to the latest firmware version that addresses this vulnerability.

  • Is CVE-2024-56181 remotely exploitable?

    Yes, CVE-2024-56181 is considered remotely exploitable, which increases the risk of unauthorized access to affected systems.

  • What are the potential consequences of not addressing CVE-2024-56181?

    Failure to address CVE-2024-56181 could result in unauthorized control over affected devices, leading to operational disruption and potential data compromise.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203