Siemens SIMATIC and TIA Portal Products: Type Confusion Vulnerability in Log File Parsing
CVE-2024-49849 Published on December 10, 2024
A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 9), SIMATIC STEP 7 Safety V18 (All versions), SIMATIC STEP 7 Safety V19 (All versions < V19 Update 4), SIMATIC STEP 7 V16 (All versions), SIMATIC STEP 7 V17 (All versions < V17 Update 9), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions < V19 Update 4), SIMATIC WinCC Unified V16 (All versions), SIMATIC WinCC Unified V17 (All versions < V17 Update 9), SIMATIC WinCC Unified V18 (All versions), SIMATIC WinCC Unified V19 (All versions < V19 Update 4), SIMATIC WinCC V16 (All versions), SIMATIC WinCC V17 (All versions < V17 Update 9), SIMATIC WinCC V18 (All versions), SIMATIC WinCC V19 (All versions < V19 Update 4), SIMOCODE ES V16 (All versions), SIMOCODE ES V17 (All versions), SIMOCODE ES V18 (All versions), SIMOCODE ES V19 (All versions), SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA V5.5 (All versions), SIMOTION SCOUT TIA V5.6 (All versions < V5.6 SP1 HF7), SINAMICS Startdrive V16 (All versions), SINAMICS Startdrive V17 (All versions), SINAMICS Startdrive V18 (All versions), SINAMICS Startdrive V19 (All versions), SIRIUS Safety ES V17 (TIA Portal) (All versions), SIRIUS Safety ES V18 (TIA Portal) (All versions), SIRIUS Safety ES V19 (TIA Portal) (All versions), SIRIUS Soft Starter ES V17 (TIA Portal) (All versions), SIRIUS Soft Starter ES V18 (TIA Portal) (All versions), SIRIUS Soft Starter ES V19 (TIA Portal) (All versions), TIA Portal Cloud V16 (All versions), TIA Portal Cloud V17 (All versions), TIA Portal Cloud V18 (All versions), TIA Portal Cloud V19 (All versions < V5.2.1.1). Affected products do not properly sanitize user-controllable input when parsing log files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application.
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2024-49849 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Products Associated with CVE-2024-49849
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-49849 are published in these products:
Affected Versions
Siemens SIMATIC S7-PLCSIM V16:- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before V17 Update 9 is affected.
- Before * is affected.
- Before V19 Update 4 is affected.
- Before * is affected.
- Before V17 Update 9 is affected.
- Before * is affected.
- Before V19 Update 4 is affected.
- Before * is affected.
- Before V17 Update 9 is affected.
- Before * is affected.
- Before V19 Update 4 is affected.
- Before * is affected.
- Before V17 Update 9 is affected.
- Before * is affected.
- Before V19 Update 4 is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before V5.6 SP1 HF7 is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before V5.2.1.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.