Cyber Resilience

CVE-2024-46888

Critical

Published: 12 November 2024

Published
12 November 2024
Modified
13 November 2024
KEV Added
Patch
CVSS Score v4 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0950 93.0th percentile
Risk Priority 24 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-46888 is a critical-severity Path Traversal (CWE-22) vulnerability in Siemens Sinec Ins. Its CVSS base score is 9.4 (Critical).

Operationally, ranked in the top 7.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

The vulnerability CVE-2024-46888 affects Siemens SINEC INS in all versions prior to V1.0 SP2 Update 3. It stems from improper sanitization of user-supplied paths during SFTP-based file uploads and downloads, corresponding to CWE-22. This path traversal flaw carries a CVSS 4.0 score of 9.4 and permits manipulation of arbitrary filesystem paths.

An authenticated remote attacker can exploit the issue over the network by supplying crafted paths through SFTP operations. Successful exploitation allows the attacker to read, write, or modify arbitrary files on the underlying system, ultimately achieving arbitrary code execution on the affected device.

The official Siemens advisory at https://cert-portal.siemens.com/productcert/html/ssa-915275.html addresses the flaw and identifies the V1.0 SP2 Update 3 release as the corrective version that resolves the path sanitization weakness.

EPSS for the CVE stands at 0.0950 after reaching a recorded peak of 0.1505.

EU & UK References

Vulnerability details

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate…

more

arbitrary files on the filesystem and achieve arbitrary code execution on the device.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

siemens
sinec ins
1.0 · ≤ 1.0

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References