#VU103910 Incorrect permission assignment for critical resource in SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor - CVE-2025-23403

Cybersecurity Help s.r.o.

Published: 2025-02-12

Vulnerability identifier: #VU103910

Vulnerability risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-23403

CWE-ID: CWE-732

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
SIMATIC IPC DiagBase
Server applications / SCADA systems
SIMATIC IPC DiagMonitor
Server applications / SCADA systems

Vendor: Siemens

Description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to the affected device do not properly restrict the user permission for the registry key. A local user can load vulnerable drivers into the system and gain elevated privileges on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SIMATIC IPC DiagBase: All versions

SIMATIC IPC DiagMonitor: All versions

External links
http://cert-portal.siemens.com/productcert/html/ssa-369369.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Privilege escalation in Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor