ICSA-24-256-03
·
Published 2025-10-14
·
View on CISA ICS-CERT ↗
Siemens User Management Component (UMC)
CVSS 9.8
CRITICAL
CVEs (1)
Remediations
- Filter the ports 4002 and 4004 to only accept connections to/from the IP addresses of machines that run UMC and are part of the UMC network e.g. with an external firewall
- In addition if no RT server machines are used, port 4004 can be blocked completely
- Currently no fix is planned
- Update to V17 Update 8 or later version
- Update to V18 Update 5 or later version
- Update to V19 Update 3 or later version
- Update to V2406 or later version
- Update to V2410 or later version
- Update to V3.2 SP3 or later version
- Update to V4.1 Update 2 or later version
- Update to V5.0 Update 1 or later version
- Update UMC to V2.15.1.1 or later compatible version https://support.industry.siemens.com/cs/ww/en/view/109987708/
Affected Vendors
Siemens
Affected Products (11)
Siemens
·
Opcenter Quality
vers:intdot/<2406
Siemens
·
Opcenter RDnL
vers:intdot/<2410
Siemens
·
SIMATIC PCS neo V4.0
vers:all/*
Siemens
·
SIMATIC PCS neo V4.1
<V4.1_Update_2
Siemens
·
SIMATIC PCS neo V5.0
<V5.0_Update_1
Siemens
·
SINEC NMS
vers:all/*
Siemens
·
SINEMA Remote Connect Client
<V3.2_SP3
Siemens
·
Totally Integrated Automation Portal (TIA Portal) V16
vers:all/*
Siemens
·
Totally Integrated Automation Portal (TIA Portal) V17
<V17_Update_8
Siemens
·
Totally Integrated Automation Portal (TIA Portal) V18
<V18_Update_5
Siemens
·
Totally Integrated Automation Portal (TIA Portal) V19
<V19_Update_3
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more