SSA-858251

Siemens Security Advisory by Siemens ProductCERT

SSA-858251: Authentication Bypass Vulnerabilities in OPC UA

Publication Date:	2025-03-11
Last Update:	2026-01-13
Current Version:	V1.2
CVSS v3.1 Base Score:	9.1

SUMMARY

The products listed below contain two authentication bypass vulnerabilities that could allow an attacker to gain access to the data managed by the server.

Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.

KNOWN AFFECTED PRODUCTS

Un-/Collapse All

Affected Product and Versions	Remediation
Industrial Edge for Machine Tools (formerly known as "SINUMERIK Edge") All versions affected by CVE-2024-42513	Currently no fix is planned
SIMATIC Energy Manager PRO	Show more details
SIMATIC Energy Manager PRO V7.2 All versions affected by all CVEs CVE-2024-42512 CVE-2024-42513	Currently no fix is planned
SIMATIC Energy Manager PRO V7.3 All versions affected by all CVEs CVE-2024-42512 CVE-2024-42513	Currently no fix is planned
SIMATIC Energy Manager PRO V7.4 All versions >= V7.4 Update 0 < V7.4 Update 7 affected by all CVEs CVE-2024-42512 CVE-2024-42513	Update to V7.4 Update 7 or later version https://support.industry.siemens.com/cs/ww/en/view/109997044/
SIMATIC Energy Manager PRO V7.5 All versions >= V7.5 Update 0 < V7.5 Update 2 affected by all CVEs CVE-2024-42512 CVE-2024-42513	Update to V7.5 Update 2 or later version https://support.industry.siemens.com/cs/ww/en/view/109996728/
SIMATIC IPC DiagMonitor All versions affected by CVE-2024-42513	Currently no fix is planned Please note that the affected functionality (HTTPS endpoint in OPC UA Server) is deactivated by default. Systems running with default configuration are therefore not affected by this vulnerability.
SIMATIC WinCC V8.0 All versions < V8.0 Update 3 affected by CVE-2024-42513	Update to V8.0 Update 3 or later version https://support.industry.siemens.com/cs/ww/en/view/109818723/
SIMIT V11 All versions < V11.3 affected by CVE-2024-42512	Update to V11.3 or later version https://support.industry.siemens.com/cs/ww/en/view/109987184/
Totally Integrated Automation Portal (TIA Portal)	Show more details
SIMATIC WinCC Unified V18 All versions affected by CVE-2024-42513	Currently no fix is available Please note that the affected functionality (HTTPS endpoint in OPC UA Server) is deactivated by default in Unified RT. Systems running with default configuration are therefore not affected by this vulnerability.
SIMATIC WinCC Unified V19 All versions < V19 Update 4 affected by CVE-2024-42513	Update to V19 Update 4 or later version https://support.industry.siemens.com/cs/ww/en/view/109925643/ Please note that the affected functionality (HTTPS endpoint in OPC UA Server) is deactivated by default in Unified RT. Systems running with default configuration are therefore not affected by this vulnerability.

KNOWN NOT AFFECTED PRODUCTS

Un-/Collapse All

Known Not Affected Products	Reason
SIMATIC BRAUMAT All versions not affected by CVE-2024-42513	The product does not expose an HTTPS endpoint. (Vulnerable Code Not in Execute Path)
SIMATIC SISTAR All versions not affected by CVE-2024-42513	The product does not expose an HTTPS endpoint. (Vulnerable Code Not in Execute Path)

MITIGATIONS

Product-specific remediations or mitigations can be found in the section Known Affected Products.
Please follow the General Security Recommendations.

GENERAL SECURITY RECOMMENDATIONS

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

PRODUCT DESCRIPTION

A combination of hardware and software, Siemens’ SINUMERIK Edge provides a machine-oriented platform for apps that facilitate digital production support and optimization.

Industrial Edge represents an open, ready-to-use Edge computing platform consisting of Edge devices, Edge apps, Edge connectivity, and an application and device management infrastructure.

SIMATIC BRAUMAT / SISTAR are industry-specific control systems especially for the control and monitoring of recipe-controlled production processes such as in the food, beverages and tobacco industries as well as for comparable batch-oriented production processes.

SIMATIC Energy Manager provides users with a scalable, non-sector-specific energy data management system.

SIMATIC IPC DiagMonitor monitors, reports, visualizes and logs the system states of the SIMATIC IPCs. It communicates with other systems and reacts when events occur.

SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system.

SIMATIC WinCC Unified is a completely new visualization system that enables you to successfully master the challenges of digitization in machine and plant engineering.

SIMIT Simluation Platform allows the simulation of plant setups in order to anticipate faults in the early planning phase.

VULNERABILITY DESCRIPTION

Un-/Collapse All

This chapter describes all vulnerabilities (CVE-IDs) addressed in this security advisory. Wherever applicable, it also documents the product-specific impact of the individual vulnerabilities.

Vulnerability CVE-2024-42512

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled.

CVSS v3.1 Base Score	7.4
CVSS v3.1 Vector	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE	CWE-208: Observable Timing Discrepancy

Vulnerability CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints.

CVSS v3.1 Base Score	9.1
CVSS v3.1 Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE	CWE-305: Authentication Bypass by Primary Weakness

ADDITIONAL INFORMATION

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

HISTORY DATA

V1.0 (2025-03-11):	Publication Date
V1.1 (2025-06-10):	Added fix for SIMIT V11; Clarified that SIMATIC BRAUMAT and SIMATIC SISTAR are not affected by CVE-2024-42513
V1.2 (2026-01-13):	Automatically generated entry

The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.