CVE-2023-32735: 
Siemens SIMATIC WinCC vulnerability analysis and mitigation

A vulnerability (CVE-2023-32735) has been identified in multiple Siemens engineering platforms including SIMATIC STEP 7, WinCC, SIMOCODE ES, and other TIA Portal-based applications. The vulnerability was disclosed on July 9, 2024. The affected applications fail to properly restrict the .NET BinaryFormatter when deserializing hardware configuration profiles, which could lead to arbitrary code execution (Siemens Advisory).

The vulnerability stems from improper restriction of the .NET BinaryFormatter during the deserialization of hardware configuration profiles. This is similar to the known issue documented for .NET BinaryFormatter. The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (MEDIUM) with vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H and a CVSS v4.0 base score of 7.0 (HIGH) with vector string CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (Siemens Advisory).

Successful exploitation of this vulnerability could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. This could potentially give attackers control over the industrial automation systems managed by these applications (CISA Advisory).

Siemens has released updates for most affected products and recommends updating to the latest versions. For products where fixes are not yet available, Siemens recommends avoiding opening untrusted files from unknown sources in affected products. As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms and configuring the environment according to Siemens' operational guidelines for Industrial Security (Siemens Advisory).