All CISA Advisories, EN

Siemens TPM 2.0

View CSAF

Summary

The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.

The following versions of Siemens TPM 2.0 are affected:

  • SIMATIC CN 4100 vers:all/* (CVE-2025-2884)
  • SIMATIC Field PG M5 vers:all/* (CVE-2025-2884)
  • SIMATIC Field PG M6 vers:all/* (CVE-2025-2884)
  • SIMATIC IPC BX-32A vers:intdot/<29.01.09 (CVE-2025-2884)
  • SIMATIC IPC BX-39A vers:intdot/<29.01.09 (CVE-2025-2884)
  • SIMATIC IPC BX-56A vers:intdot/<32.01.09 (CVE-2025-2884)
  • SIMATIC IPC BX-59A vers:intdot/<32.01.09 (CVE-2025-2884)
  • SIMATIC IPC MD-57A vers:intdot/<30.01.10 (CVE-2025-2884)
  • SIMATIC IPC PX-32A vers:intdot/<29.01.09 (CVE-2025-2884)
  • SIMATIC IPC PX-39A vers:intdot/<29.01.09 (CVE-2025-2884)
  • SIMATIC IPC PX-39A PRO vers:intdot/<29.01.09 (CVE-2025-2884)
  • SIMATIC IPC RW-528A vers:intdot/<34.01.02 (CVE-2025-2884)
  • SIMATIC IPC RW-548A vers:intdot/<34.01.02 (CVE-2025-2884)
  • SIMATIC IPC227E vers:all/* (CVE-2025-2884)
  • SIMATIC IPC277E vers:all/* (CVE-2025-2884)
  • SIMATIC IPC427E vers:intdot/<21.01.20 (CVE-2025-2884)
  • SIMATIC IPC477E vers:intdot/<21.01.20 (CVE-2025-2884)
  • SIMATIC IPC477E PRO vers:intdot/<21.01.20 (CVE-2025-2884)
  • SIMATIC IPC627E vers:all/* (CVE-2025-2884)
  • SIMATIC IPC647E vers:all/* (CVE-2025-2884)
  • SIMATIC IPC677E vers:all/* (CVE-2025-2884)
  • SIMATIC IPC847E vers:all/* (CVE-2025-2884)
  • SIMATIC ITP1000 vers:all/* (CVE-2025-2884)
  • SIPLUS IPC427E vers:intdot/<21.01.20 (CVE-2025-2884)
CVSS Vendor Equipment Vulnerabilities
v3 6.6 Siemens Siemens TPM 2.0 Out-of-bounds Read

Background

  • Critical Infrastructure Sectors: Critical Manufacturing
  • Countries/Areas Deployed: Worldwide
  • Company Headquarters Location: Germany

Vulnerabilities

Expand All +

CVE-2025-2884

TCG TPM2.0 Reference implementation’s CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key’s algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0

View CVE Details

Affected Products

Siemens TPM 2.0
Vendor:
Siemens
Product Version:
SIMATIC CN 4100, SIMATIC Field PG M5, SIMATIC Field PG M6, SIMATIC IPC BX-32A, SIMATIC IPC BX-39A, SIMATIC IPC BX-56A, SIMATIC IPC BX-59A, SIMATIC IPC MD-57A, SIMATIC IPC PX-32A, SIMATIC IPC PX-39A, SIMATIC IPC PX-39A PRO, SIMATIC IPC RW-528A, SIMATIC IPC RW-548A, SIMATIC IPC227E, SIMATIC IPC277E, SIMATIC IPC427E, SIMATIC IPC477E, SIMATIC IPC477E PRO, SIMATIC IPC627E, SIMATIC IPC647E, SIMATIC IPC677E, SIMATIC IPC847E, SIMATIC ITP1000, SIPLUS IPC427E
Product Status:
known_affected
Remediations

No fix planned
Currently no fix is planned

None available
Currently no fix is available

Vendor fix
Update to V21.01.20 or later version
https://support.industry.siemens.com/cs/ww/en/view/109763408/

Vendor fix
Update to V29.01.09 or later version
https://support.industry.siemens.com/cs/ww/en/view/109763408/

Vendor fix
Update to V30.01.10 or later version
https://support.industry.siemens.com/cs/ww/en/

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from All CISA Advisories

Read the original article: