Cyber Resilience

CVE-2024-56336

Critical

Published: 11 March 2025

Modified: 15 April 2026
CVSS Score v4: 9.5 (CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0024 (46.6th percentile)
Risk Priority: 19 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-56336 is a critical-severity Improper Authentication (CWE-287) vulnerability. Its CVSS base score is 9.5 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 46.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-14 (Signed Components) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-56336 is a critical vulnerability affecting SINAMICS S200 drives in all versions with serial numbers beginning with SZVS8, SZVS9, SZVS0, or SZVSN and an FS number of 02. The issue stems from an unlocked bootloader (CWE-287: Improper Authentication), which bypasses intrinsic security features designed to prevent data manipulation and unauthorized access. This allows attackers to inject malicious code or install untrusted firmware, earning a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Remote attackers with network access to the device can exploit this vulnerability without authentication, privileges, or user interaction. Successful exploitation enables full compromise of the device, including high-impact confidentiality, integrity, and availability violations through arbitrary code execution or firmware replacement.

Siemens has published security advisory SSA-787280, available at https://cert-portal.siemens.com/productcert/html/ssa-787280.html, which provides details on mitigation and remediation steps for affected SINAMICS S200 drives.

Vulnerability details

A vulnerability has been identified in SINAMICS S200 (All versions with serial number beginning with SZVS8, SZVS9, SZVS0 or SZVSN and the FS number is 02). The affected device contains an unlocked bootloader. This security oversight enables attackers to inject malicious code, or install untrusted firmware. The intrinsic security features designed to protect against data manipulation and unauthorized access are compromised when the bootloader is not secured.

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1542.001 System Firmware (Stealth)
Adversaries may modify system firmware to persist on systems.

Why these techniques?

The unlocked bootloader vulnerability enables remote unauthenticated network exploitation of the device for arbitrary code execution and untrusted firmware installation, directly mapping to T1190 for exploiting the exposed application/service and T1542.001 for replacing system firmware.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-71279 (Shared CWE-287)
CVE-2024-13804 (Shared CWE-287)
CVE-2024-57046 (Shared CWE-287)
CVE-2026-1203 (Shared CWE-287)
CVE-2026-1740 (Shared CWE-287)
CVE-2025-43995 (Shared CWE-287)
CVE-2026-7876 (Shared CWE-287)
CVE-2025-0637 (Shared CWE-287)
CVE-2025-61882 (Shared CWE-287)
CVE-2026-0589 (Shared CWE-287)

Affected Assets

All
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent · detect

SI-7 requires integrity checks on software and firmware before execution, directly preventing malicious code injection or untrusted firmware loading via the unlocked bootloader.

prevent

CM-14 enforces digital signature verification prior to installing or updating firmware, blocking untrusted firmware installation enabled by the unlocked bootloader.

prevent · recover

SI-2 mandates timely flaw remediation, including applying Siemens' security advisory patches to lock the bootloader and address the vulnerability.
