Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Siemens Patches Authentication Bypass Bug in Telecontrol Product

Siemens has released a firmware update for SICAM MIC devices in order to patch a serious vulnerability reported to the company by an external researcher.

Siemens SICAM MIC, which is part of the SICAM RTU product family, is a modular telecontrol device designed for energy automation. The product is deployed worldwide in the energy and other sectors.

Siemens has released a firmware update for SICAM MIC devices in order to patch a serious vulnerability reported to the company by an external researcher.

Siemens SICAM MIC, which is part of the SICAM RTU product family, is a modular telecontrol device designed for energy automation. The product is deployed worldwide in the energy and other sectors.

Siemens SICAM MIC

According to advisories published by Siemens and ICS-CERT, SICAM MIC devices are plagued by an authentication bypass vulnerability (CVE-2015-5386) that can be exploited remotely by an attacker with medium skill.

“Attackers with network access to the device’s web interface (port 80/tcp) could possibly circumvent authentication and perform administrative operations,” reads Siemens’ description of the vulnerability.

The bug was identified and reported to Siemens by Philippe Oechslin, founder of Swiss IT security consulting company Objectif Sécurité.

The flaw is considered a high severity issue (CVSS v2 base score of 8.3), but Siemens has pointed out that for the attack to work the attacker needs to have network access to the device’s web interface, and a legitimate user must be logged in to interface.

The security hole affects Siemens SICAM MIC devices running versions of the firmware prior to V2404. With the release of version V2404, Siemens has patched the authentication bypass issues and it has introduced further security improvements. The company advises customers to install the latest firmware update.

“As a general security measure Siemens strongly recommends to keep the firmware up-to-date and to protect network access to the SICAM MIC with appropriate mechanisms. It is advised to configure the environment according to our operational guidelines in order to run the devices in a protected IT environment,” Siemens said in its advisory.

Advertisement. Scroll to continue reading.

Related: Learn more at the ICS Cyber Security Conference

Related: Siemens Patches DoS, Other Vulnerabilities in SIMATIC HMI Products

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.