Product

SIPROTEC 5 7SJ81 (CP150)

1 brief RSS

Siemens SIPROTEC 5 Insufficient Session ID Randomness Leads to Session Hijacking (CVE-2024-54017)

Siemens SIPROTEC 5 devices are vulnerable to session hijacking (CVE-2024-54017) due to the use of insufficiently random numbers in session identifier generation, potentially allowing an unauthenticated remote attacker to brute-force a valid session and gain unauthorized read access.

SIPROTEC 5 6MD84 +62 ics session hijacking cve-2024-54017 siemens critical infrastructure

2r 1t 1c 1h ago