CVE-2024-56336
Published: 11 March 2025
Description
Adversaries may modify system firmware to persist on systems.
Security Summary
CVE-2024-56336 is a critical vulnerability affecting SINAMICS S200 drives in all versions with serial numbers beginning with SZVS8, SZVS9, SZVS0, or SZVSN and an FS number of 02. The issue stems from an unlocked bootloader (CWE-287: Improper Authentication), which defeats the intrinsic security features designed to prevent data manipulation and unauthorized access. This allows attackers to inject malicious code or install untrusted firmware. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Remote attackers with network access to the device can exploit this vulnerability without authentication, privileges, or user interaction. Successful exploitation enables full compromise of the device through arbitrary code execution or firmware replacement, with high impact to confidentiality, integrity, and availability.
Siemens has published security advisory SSA-787280, available at https://cert-portal.siemens.com/productcert/html/ssa-787280.html, which provides details on mitigation and remediation steps for affected SINAMICS S200 drives.
Details
CWE(s): CWE-287 (Improper Authentication)
MITRE ATT&CK Enterprise Techniques: T1190 (Exploit Public-Facing Application), T1542.001 (Pre-OS Boot: System Firmware)
Why these techniques?
The unlocked bootloader vulnerability enables remote, unauthenticated exploitation of the device over the network for arbitrary code execution and untrusted firmware installation. This maps directly to T1190 (exploitation of the exposed application or service) and T1542.001 (replacement of the system firmware).