CVE-2024-44087
Published: 2024-09-10

Priority: P2 (59) · Severity: high · CVSS 3.1 base score: 8.6
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS: 10.61% (95.2th percentile)

Description

A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6.0 (All versions < V6.0 SP12 Upd3), Automation License Manager V6.2 (All versions < V6.2 Upd3). Affected applications do not properly validate certain fields in incoming network packets on port 4410/tcp. This could allow an unauthenticated remote attacker to cause an integer overflow and crash of the application. This denial of service condition could prevent legitimate users from using subsequent products that rely on the affected application for license verification.

Affected (3 ranges)

Vendor    Product                           Version range        Fixed in
siemens   automation_license_manager_v5     < **                 (no fixed version listed)
siemens   automation_license_manager_v6.0   < V6.0 SP12 Upd3     V6.0 SP12 Upd3
siemens   automation_license_manager_v6.2   < V6.2 Upd3          V6.2 Upd3

Detection & IOCs (extracted from sources)

Port: 4410/tcp
  • Monitor for unexpected or malformed network packets targeting port 4410/tcp on hosts running Siemens Automation License Manager; anomalous traffic to this port from untrusted sources may indicate exploitation attempts.
  • Alert on crashes or unexpected termination of the Automation License Manager process, which may indicate a successful DoS exploitation via integer overflow on port 4410/tcp.

CVSS provenance

Source   Version   Score   Severity   Vector
nvd      v3.1      8.6     HIGH       CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
nvd      v4.0      9.2     CRITICAL   CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X