ICSA-24-354-04
·
Published 2026-01-14
·
View on CISA ICS-CERT ↗
Siemens User Management Component
CVSS 9.8
CRITICAL
CVEs (1)
Remediations
- Filter the ports 4002 and 4004 to only accept connections to/from the IP addresses of machines that run UMC and are part of the UMC network e.g. with an external firewall
- In addition if no RT server machines are used, port 4004 can be blocked completely
- Currently no fix is planned
- Update to V2410 or later version
- Update to V2501.0001 or later version
- Update to V2512 or later version
- Update to V4.1 Update 3 or later version
- Update to V5.0 Update 1 or later version
- Update UMC to V2.15.1.1 or later compatible version https://support.industry.siemens.com/cs/ww/en/view/109987708/
Affected Vendors
Siemens
Affected Products (13)
Siemens
·
Desigo ABT
vers:all/*
Siemens
·
Opcenter Execution Foundation
vers:intdot/<2501.0001
Siemens
·
Opcenter Intelligence
vers:intdot/<2501.0001
Siemens
·
Opcenter Quality
vers:intdot/<2512
Siemens
·
Opcenter RDnL
vers:intdot/<2410
Siemens
·
SIMATIC PCS neo V4.0
vers:all/*
Siemens
·
SIMATIC PCS neo V4.1
<V4.1_Update_3
Siemens
·
SIMATIC PCS neo V5.0
<V5.0_Update_1
Siemens
·
SINEC NMS
vers:all/*
Siemens
·
Totally Integrated Automation Portal (TIA Portal) V16
vers:all/*
Siemens
·
Totally Integrated Automation Portal (TIA Portal) V17
vers:all/*
Siemens
·
Totally Integrated Automation Portal (TIA Portal) V18
vers:all/*
Siemens
·
Totally Integrated Automation Portal (TIA Portal) V19
vers:all/*
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more