CVE-2024-23816
published 2024-02-13CVE-2024-23816: A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4.3), Location Intelligence Perpetual Medium…
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.73%
49.7th percentile
A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4.3), Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) (All versions < V4.3), Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) (All versions < V4.3), Location Intelligence Perpetual Small (9DE5110-8CA11-1AX0) (All versions < V4.3), Location Intelligence SUS Large (9DE5110-8CA13-1BX0) (All versions < V4.3), Location Intelligence SUS Medium (9DE5110-8CA12-1BX0) (All versions < V4.3), Location Intelligence SUS Non-Prod (9DE5110-8CA10-1BX0) (All versions < V4.3), Location Intelligence SUS Small (9DE5110-8CA11-1BX0) (All versions < V4.3). Affected products use a hard-coded secret value for the computation of a Keyed-Hash Message Authentication Code. This could allow an unauthenticated remote attacker to gain full administrative access to the application.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | location_intelligence | < 4.3 | 4.3 |
| siemens | location_intelligence_perpetual_large | < V4.3 | V4.3 |
| siemens | location_intelligence_perpetual_medium | < V4.3 | V4.3 |
| siemens | location_intelligence_perpetual_non-prod | < V4.3 | V4.3 |
| siemens | location_intelligence_perpetual_small | < V4.3 | V4.3 |
| siemens | location_intelligence_sus_large | < V4.3 | V4.3 |
| siemens | location_intelligence_sus_medium | < V4.3 | V4.3 |
| siemens | location_intelligence_sus_non-prod | < V4.3 | V4.3 |
| siemens | location_intelligence_sus_small | < V4.3 | V4.3 |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability involves a hard-coded secret value used for HMAC computation; detect exploitation attempts by monitoring for unauthenticated requests that successfully authenticate to administrative endpoints, which may indicate use of a forged/known HMAC token. ↗
- →Monitor for unauthenticated remote access to administrative interfaces of Siemens Location Intelligence products (all versions prior to V4.3); successful admin-level access from unauthenticated sessions is a strong indicator of exploitation. ↗
- →Classify as CWE-798 (Use of Hard-coded Credentials); tune SIEM/IDS rules to flag anomalous administrative authentication events on Siemens Location Intelligence instances not yet updated to V4.3. ↗
- ·All affected product SKUs (Perpetual and SUS variants: Large, Medium, Small, Non-Prod) running versions prior to V4.3 are vulnerable; the hard-coded HMAC secret is present across all these variants. ↗
- ·No known public exploitation has been reported at time of advisory publication, but the attack complexity is low and no authentication is required (CVSS v3 9.8, CVSS v4 9.3). ↗
- ·The hard-coded secret is used specifically for HMAC computation, meaning an attacker can craft valid authentication tokens without credentials; this is not a simple default password issue but a cryptographic secret embedded in the application. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens Location Intelligence
cisa_ics·2024-02-15
Siemens Location Intelligence
ICS Advisory
##
Siemens Location Intelligence
Release DateFebruary 15, 2024
Alert CodeICSA-24-046-05
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Location Intelligence Perpetual Large, Location Intelligence Perpetual Medium, Location Intelligence Perpetual Non-Prod, Location Intelligence Perpetual Small, Location Intelligence SUS Large, Location Intelligence SU
GHSA
GHSA-fh4v-qfgj-jxxw: A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4
ghsa_unreviewed·2024-02-13
CVE-2024-23816 [CRITICAL] CWE-798 GHSA-fh4v-qfgj-jxxw: A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4
A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4.3), Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) (All versions < V4.3), Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) (All versions < V4.3), Location Intelligence Perpetual Small (9DE5110-8CA11-1AX0) (All versions < V4.3), Location Intelligence SUS Large (9DE5110-8CA13-1BX0) (All versions < V4.3), Location Intelligence SUS Medium (9DE5110-8CA12-1BX0) (All versions < V4.3), Location Intelligence SUS Non-Prod (9DE5110-8CA10-1BX0) (All versions < V4.3), Location Intelligence SUS Small (9DE5110-8CA11-1BX0) (All versions < V4.3). Affected products use a hard-coded secret value for the computation of a Keyed-Hash Message Authentication Code. This cou
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-02-13
Published