Skip to main content

CVE-2025-31929: CWE-1326: Missing Immutable Root of Trust in Hardware in Siemens IEC 1Ph 7.4kW Child socket

Medium
VulnerabilityCVE-2025-31929cvecve-2025-31929cwe-1326
Published: Tue May 13 2025 (05/13/2025, 09:38:41 UTC)
Source: CVE
Vendor/Project: Siemens
Product: IEC 1Ph 7.4kW Child socket

Description

A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions), IEC 1Ph 7.4kW Child socket/ shutter (8EM1310-2EN04-0GA0) (All versions), IEC 1Ph 7.4kW Parent cable 7m (8EM1310-2EJ04-3GA1) (All versions), IEC 1Ph 7.4kW Parent cable 7m incl. SIM (8EM1310-2EJ04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket (8EM1310-2EH04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket incl. SIM (8EM1310-2EH04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter (8EM1310-2EN04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter SIM (8EM1310-2EN04-3GA2) (All versions), IEC 3Ph 22kW Child cable 7m (8EM1310-3EJ04-0GA0) (All versions), IEC 3Ph 22kW Child socket (8EM1310-3EH04-0GA0) (All versions), IEC 3Ph 22kW Child socket/ shutter (8EM1310-3EN04-0GA0) (All versions), IEC 3Ph 22kW Parent cable 7m (8EM1310-3EJ04-3GA1) (All versions), IEC 3Ph 22kW Parent cable 7m incl. SIM (8EM1310-3EJ04-3GA2) (All versions), IEC 3Ph 22kW Parent socket (8EM1310-3EH04-3GA1) (All versions), IEC 3Ph 22kW Parent socket incl. SIM (8EM1310-3EH04-3GA2) (All versions), IEC 3Ph 22kW Parent socket/ shutter (8EM1310-3EN04-3GA1) (All versions), IEC 3Ph 22kW Parent socket/ shutter SIM (8EM1310-3EN04-3GA2) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA0) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA1) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA2) (All versions), IEC ERK 3Ph 22 kW Child socket (8EM1310-3FH04-0GA0) (All versions), IEC ERK 3Ph 22 kW Parent socket (8EM1310-3FH04-3GA1) (All versions), IEC ERK 3Ph 22 kW Parent socket incl. SI (8EM1310-3FH04-3GA2) (All versions), UL Commercial Cellular 48A NTEP (8EM1310-5HF14-1GA2) (All versions), UL Commercial Child 40A w/ 15118 HW (8EM1310-4CF14-0GA0) (All versions), UL Commercial Child 48A BA Compliant (8EM1315-5CG14-0GA0) (All versions), UL Commercial Child 48A w/ 15118 HW (8EM1310-5CF14-0GA0) (All versions), UL Commercial Parent 40A with Simcard (8EM1310-4CF14-1GA2) (All versions), UL Commercial Parent 48A (USPS) (8EM1317-5CG14-1GA2) (All versions), UL Commercial Parent 48A BA Compliant (8EM1315-5CG14-1GA2) (All versions), UL Commercial Parent 48A with Simcard BA (8EM1310-5CF14-1GA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1310-5CG14-1GA1) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1314-5CG14-2FA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1315-5HG14-1GA2) (All versions), UL Commercial Parent 48A,15118 25ft Sim (8EM1310-5CG14-1GA2) (All versions), UL Resi High End 40A w/15118 Hw (8EM1312-4CF18-0FA3) (All versions), UL Resi High End 48A w/15118 Hw (8EM1312-5CF18-0FA3) (All versions), VersiCharge Blue™ 80A AC Cellular (8EM1315-7BG16-1FH2) (All versions). Affected devices do not contain an Immutable Root of Trust in M0 Hardware. An attacker with physical access to the device could use this to execute arbitrary code.

AI-Powered Analysis

AILast updated: 07/12/2025, 01:33:13 UTC

Technical Analysis

CVE-2025-31929 is a medium-severity vulnerability affecting a broad range of Siemens IEC charging hardware products, including various models of 1-phase and 3-phase child and parent sockets, cables, and related devices used primarily for electric vehicle (EV) charging. The root cause is the absence of an Immutable Root of Trust (RoT) in the M0 hardware of these devices. An Immutable Root of Trust is a foundational security feature embedded in hardware that ensures the integrity and authenticity of the device's firmware and software by preventing unauthorized code execution or tampering. Without this hardware-based RoT, attackers with physical access to the device can potentially bypass security controls and execute arbitrary code. This vulnerability is particularly concerning because it affects all versions of the listed products, indicating a systemic design or manufacturing oversight. The CVSS 3.1 score is 4.2 (medium), reflecting that exploitation requires physical access (Attack Vector: Physical), high attack complexity, and no privileges or user interaction, with no confidentiality or availability impact but with integrity impact. The vulnerability falls under CWE-1326, which relates to missing or weak hardware roots of trust. Although no exploits are currently known in the wild and no patches have been released, the potential for malicious actors to manipulate charging infrastructure firmware or software could lead to unauthorized control or disruption of EV charging operations. Given the critical role of EV charging infrastructure in energy and transportation sectors, this vulnerability could have broader implications if exploited.

Potential Impact

For European organizations, the impact of this vulnerability can be significant due to the increasing adoption of electric vehicles and the corresponding expansion of EV charging infrastructure across the continent. Siemens is a major supplier of industrial and energy infrastructure equipment in Europe, and many public and private EV charging stations likely use the affected hardware. Exploitation could allow attackers with physical access to compromise device integrity, potentially leading to unauthorized firmware modifications, disruption of charging services, or even safety risks if charging parameters are manipulated. This could affect utilities, commercial charging operators, fleet managers, and public infrastructure providers. The integrity compromise could undermine trust in EV infrastructure, cause operational downtime, and result in financial losses or reputational damage. While remote exploitation is not feasible, the physical access requirement means insider threats, supply chain attacks, or physical tampering at charging sites are the primary risk vectors. The lack of an immutable hardware root of trust also suggests that firmware updates or device provisioning processes may be vulnerable to manipulation, complicating secure device lifecycle management.

Mitigation Recommendations

Given the hardware nature of the vulnerability, mitigation options are limited until Siemens releases hardware revisions or firmware updates that incorporate an immutable root of trust. European organizations should: 1) Implement strict physical security controls around EV charging stations, including surveillance, access restrictions, and tamper-evident seals to prevent unauthorized physical access. 2) Conduct regular inspections and integrity checks of charging hardware to detect signs of tampering or unauthorized modifications. 3) Collaborate with Siemens and authorized vendors to monitor for firmware updates or security advisories addressing this issue and plan for hardware replacement or upgrades where feasible. 4) Employ network segmentation and monitoring to detect anomalous behavior from charging devices that could indicate compromise. 5) Incorporate device attestation and cryptographic verification mechanisms at the network or management layer to validate device integrity where possible. 6) Train staff and contractors on the risks of physical tampering and establish incident response procedures for suspected hardware compromise. These measures go beyond generic advice by focusing on physical security, operational monitoring, and vendor coordination specific to this hardware-root-of-trust vulnerability.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
siemens
Date Reserved
2025-04-01T16:45:21.675Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d9815c4522896dcbd6373

Added to database: 5/21/2025, 9:08:37 AM

Last enriched: 7/12/2025, 1:33:13 AM

Last updated: 8/12/2025, 3:10:05 PM

Views: 11

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats