Login Sign Up

CVE-2024-32742

7.6 HIGH

📋 TL;DR

This vulnerability affects SIMATIC CN 4100 devices with unrestricted USB ports, allowing attackers with physical access to boot alternative operating systems and gain full filesystem access. It impacts all versions before V3.0 of Siemens SIMATIC CN 4100 industrial networking devices. Physical access to the device is required for exploitation.

💻 Affected Systems

Products:
  • Siemens SIMATIC CN 4100
Versions: All versions < V3.0
Operating Systems: Embedded industrial OS
Default Config Vulnerable: ⚠️ Yes
Notes: All devices with unrestricted USB ports in default configuration are vulnerable.

📦 What is this software?

Simatic Cn 4100 Firmware by Siemens

View all CVEs affecting Simatic Cn 4100 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of device with full read/write access to filesystem, potential for persistent backdoors, manipulation of industrial control configurations, and lateral movement to connected systems.

🟠

Likely Case

Unauthorized access to sensitive configuration files, credential theft, and potential disruption of industrial network operations.

🟢

If Mitigated

Limited impact if physical security controls prevent unauthorized access to devices.

🌐 Internet-Facing: LOW - Physical access required, not remotely exploitable.
🏢 Internal Only: MEDIUM - Requires physical access but could be exploited by insiders or attackers who breach physical security.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires physical access to USB port and bootable media with alternative OS. No authentication bypass needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V3.0

Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-273900.html

Restart Required: Yes

Instructions:

1. Download firmware V3.0 from Siemens support portal. 2. Backup device configuration. 3. Upload and install firmware via web interface or management tools. 4. Reboot device. 5. Verify version is V3.0 or higher.

🔧 Temporary Workarounds

Physical USB Port Restriction

all

Physically secure or disable USB ports using port locks, epoxy, or physical barriers.

Enhanced Physical Security

all

Implement strict physical access controls to device locations including locked cabinets, surveillance, and access logs.

🧯 If You Can't Patch

  • Implement strict physical security controls around device locations
  • Disable or physically secure USB ports using tamper-evident seals or port locks

🔍 How to Verify

Check if Vulnerable:

Check device firmware version via web interface or CLI. If version is below V3.0, device is vulnerable.

Check Version:

Check via web interface at https://[device-ip]/ or using Siemens management tools.

Verify Fix Applied:

Verify firmware version is V3.0 or higher in device management interface.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected device reboots
  • USB device connection events in system logs
  • Changes to boot configuration

Network Indicators:

  • Unusual network traffic patterns after physical access events
  • Unexpected SSH/management connections

SIEM Query:

Device:vendor="Siemens" AND device:model="CN 4100" AND event:type="reboot" OR event:type="usb_connection"

📊 Metadata

CVE ID: CVE-2024-32742
CVSS v3 Score: 7.6 (HIGH)
CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE: CWE-1326
Published: May 14, 2024
Last Updated: August 20, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-32742, you might also want to check these:

CVE-2025-5834 7.8

This vulnerability allows local attackers with physical or authenticated access to bypass authentica...

Same vulnerability type (CWE-1326)
CVE-2025-2762 7.8

This vulnerability allows local attackers with initial low-privileged access to escalate privileges ...

Same vulnerability type (CWE-1326)