CVE-2024-31853

A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate. This could allow an attacker to execute an on-path network (MitM) attack.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-183963.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:sicam_toolbox_ii:*:*:*:*:*:*:*:*

History

20 Aug 2025, 16:19

Type	Values Removed	Values Added
First Time		Siemens Siemens sicam Toolbox Ii
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-183963.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-183963.html - Vendor Advisory
CPE		cpe:2.3:a:siemens:sicam_toolbox_ii::::::::

08 Jul 2025, 16:18

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad en SICAM TOOLBOX II (todas las versiones anteriores a V07.11). Al establecer una conexión HTTPS con el servidor TLS de un dispositivo administrado, la aplicación afectada no comprueba el atributo de uso de clave extendida del certificado de dicho dispositivo. Esto podría permitir que un atacante ejecute un ataque de red en ruta (MitM).

08 Jul 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-08 11:15

Updated : 2025-08-20 16:19

NVD link : CVE-2024-31853

Mitre link : CVE-2024-31853

CVE.ORG link : CVE-2024-31853

JSON object : View

Products Affected

siemens

sicam_toolbox_ii

CWE

CWE-295

Improper Certificate Validation

{"id": "CVE-2024-31853", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}], "cvssMetricV40": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-08T11:15:23.997", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-183963.html", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate.\r\nThis could allow an attacker to execute an on-path network (MitM) attack."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SICAM TOOLBOX II (todas las versiones anteriores a V07.11). Al establecer una conexi\u00f3n HTTPS con el servidor TLS de un dispositivo administrado, la aplicaci\u00f3n afectada no comprueba el atributo de uso de clave extendida del certificado de dicho dispositivo. Esto podr\u00eda permitir que un atacante ejecute un ataque de red en ruta (MitM)."}], "lastModified": "2025-08-20T16:19:01.633", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sicam_toolbox_ii:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2598C81C-5061-40E5-9549-24EA6F5B88F6", "versionEndExcluding": "07.11"}], "operator": "OR"}]}], "sourceIdentifier": "productcert@siemens.com"}