Heap-Based Buffer Overflow in Opcenter and SIMATIC Products by Siemens
CVE-2024-33698

9.3CRITICAL

Key Information:

Vendor: Siemens
Status: Opcenter Quality; Opcenter Rdnl; Simatic Pcs Neo V4.0; Simatic Pcs Neo V4.1
Vendor: CVE Published:; 10 September 2024

What is CVE-2024-33698?

A critical security vulnerability exists within the integrated UMC component of various Siemens products, including Opcenter and SIMATIC series. This vulnerability is characterized as a heap-based buffer overflow, which could potentially enable an unauthenticated remote attacker to execute arbitrary code on the affected systems. This flaw underscores the importance of regular updates and security patch management to protect industrial applications from malicious exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Opcenter Quality 0

Opcenter RDnL 0

SIMATIC PCS neo V4.0 0

References

https://cert-portal.siemens.com/productcert/html/ssa-0390...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Sep 10, 2024
Vulnerability Reserved
Apr 26, 2024

JSON

Siemens

What is CVE-2024-33698?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.