← Back to CVEs
CVE-2024-56336
CRITICAL9.8
Description
A vulnerability has been identified in SINAMICS S200 (All versions with serial number beginning with SZVS8, SZVS9, SZVS0 or SZVSN and the FS number is 02). The affected device contains an unlocked bootloader. This security oversight enables attackers to inject malicious code, or install untrusted firmware. The intrinsic security features designed to protect against data manipulation and unauthorized access are compromised when the bootloader is not secured.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published3/11/2025
Last Modified3/11/2025
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-287
References
https://cert-portal.siemens.com/productcert/html/ssa-787280.html(productcert@siemens.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.