Siemens Exposes 9.8-Rated Bootloader Flaw in SINAMICS S200 Devices

Summary: Siemens has issued a security advisory regarding an unlocked bootloader vulnerability in selected SINAMICS S200 devices, tracked as CVE-2024-56336. This flaw could allow attackers to download untrusted firmware, posing risks of device damage or compromise. Siemens urges customers to implement security measures and follow operational guidelines to mitigate threats.

Affected: SINAMICS S200 devices (serial numbers starting with SZVS8, SZVS9, SZVS0, or SZVSN, and FS number of 02)

Key points:

  • Unlocked bootloader allows injection of malicious code or installation of untrusted firmware.
  • CVSS v3.1 base score of the vulnerability is 9.8, indicating critical severity.
  • Siemens recommends network access protection, adherence to operational guidelines, and general security practices.
  • No firmware update has been released to address the vulnerability as of now.

Source: https://securityonline.info/cve-2024-56336-siemens-exposes-9-8-rated-bootloader-flaw-in-sinamics-s200-drives/
