CVE-2024-56182
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC Field PG M6 (All versions < V26.01.12), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC BX-59A (All versions < V32.01.04), SIMATIC IPC PX-32A (All versions < V29.01.07), SIMATIC IPC PX-39A (All versions < V29.01.07), SIMATIC IPC PX-39A PRO (All versions < V29.01.07), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions < V25.02.15), SIMATIC IPC647E (All versions < V25.02.15), SIMATIC IPC677E (All versions < V25.02.15), SIMATIC IPC847E (All versions < V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to disable the BIOS password without proper authorization by directly communicate with the flash controller.
A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC Field PG M6 (All versions < V26.01.12), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC BX-59A (All versions < V32.01.04), SIMATIC IPC PX-32A (All versions < V29.01.07), SIMATIC IPC PX-39A (All versions < V29.01.07), SIMATIC IPC PX-39A PRO (All versions < V29.01.07), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions < V25.02.15), SIMATIC IPC647E (All versions < V25.02.15), SIMATIC IPC677E (All versions < V25.02.15), SIMATIC IPC847E (All versions < V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to disable the BIOS password without proper authorization by directly communicate with the flash controller.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-12-18 CVE Reserved
- 2025-03-11 CVE Published
- 2025-03-11 CVE Updated
- 2025-05-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-693: Protection Mechanism Failure
CAPEC
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | SIMATIC Field PG M5 Search vendor "Siemens" for product "SIMATIC Field PG M5" | 0 Search vendor "Siemens" for product "SIMATIC Field PG M5" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC RC-543B Search vendor "Siemens" for product "SIMATIC IPC RC-543B" | 0 Search vendor "Siemens" for product "SIMATIC IPC RC-543B" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC RW-543A Search vendor "Siemens" for product "SIMATIC IPC RW-543A" | 0 Search vendor "Siemens" for product "SIMATIC IPC RW-543A" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC127E Search vendor "Siemens" for product "SIMATIC IPC127E" | 0 Search vendor "Siemens" for product "SIMATIC IPC127E" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC227E Search vendor "Siemens" for product "SIMATIC IPC227E" | 0 Search vendor "Siemens" for product "SIMATIC IPC227E" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC227G Search vendor "Siemens" for product "SIMATIC IPC227G" | 0 Search vendor "Siemens" for product "SIMATIC IPC227G" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC277E Search vendor "Siemens" for product "SIMATIC IPC277E" | 0 Search vendor "Siemens" for product "SIMATIC IPC277E" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC277G Search vendor "Siemens" for product "SIMATIC IPC277G" | 0 Search vendor "Siemens" for product "SIMATIC IPC277G" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC277G PRO Search vendor "Siemens" for product "SIMATIC IPC277G PRO" | 0 Search vendor "Siemens" for product "SIMATIC IPC277G PRO" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC3000 SMART V3 Search vendor "Siemens" for product "SIMATIC IPC3000 SMART V3" | 0 Search vendor "Siemens" for product "SIMATIC IPC3000 SMART V3" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC327G Search vendor "Siemens" for product "SIMATIC IPC327G" | 0 Search vendor "Siemens" for product "SIMATIC IPC327G" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC347G Search vendor "Siemens" for product "SIMATIC IPC347G" | 0 Search vendor "Siemens" for product "SIMATIC IPC347G" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC377G Search vendor "Siemens" for product "SIMATIC IPC377G" | 0 Search vendor "Siemens" for product "SIMATIC IPC377G" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC427E Search vendor "Siemens" for product "SIMATIC IPC427E" | 0 Search vendor "Siemens" for product "SIMATIC IPC427E" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC477E Search vendor "Siemens" for product "SIMATIC IPC477E" | 0 Search vendor "Siemens" for product "SIMATIC IPC477E" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC477E PRO Search vendor "Siemens" for product "SIMATIC IPC477E PRO" | 0 Search vendor "Siemens" for product "SIMATIC IPC477E PRO" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC IPC527G Search vendor "Siemens" for product "SIMATIC IPC527G" | 0 Search vendor "Siemens" for product "SIMATIC IPC527G" and version "0" | en |
Affected
| ||||||
| Siemens Search vendor "Siemens" | SIMATIC ITP1000 Search vendor "Siemens" for product "SIMATIC ITP1000" | 0 Search vendor "Siemens" for product "SIMATIC ITP1000" and version "0" | en |
Affected
| ||||||