Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability

ICS Patch Tuesday: Siemens and Schneider Electric address dozens of vulnerabilities affecting their industrial products.

IT/OT Podcast

Siemens and Schneider Electric have published their Patch Tuesday advisories for December 2023, addressing dozens of vulnerabilities affecting their products.

Siemens

Siemens has published 12 advisories that cover more than 30 vulnerabilities. In addition, the industrial giant has published an advisory describing 430 GNU/Linux subsystem vulnerabilities affecting its Simatic S7-1500 CPU. These flaws have CVEs ranging between 2013 and 2023 and severity ratings from ‘low’ to ‘critical’. The company said it’s preparing patches.

Another noteworthy advisory describes a high-severity vulnerability affecting LOGO! V8.3 BM controllers. The flaw, reported by Sebastien Leger and tracked as CVE-2022-42784, can be exploited for electromagnetic fault injection. 

“This could allow an attacker to dump and debug the firmware, including the manipulation of memory. Further actions could allow to inject public keys of custom created key pairs which are then signed by the LOGO! V8.3 Product CA,” Siemens explained. 

The vendor has released new LOGO! hardware versions to address the issue and is working on new Siplus devices that should not be vulnerable to attacks. 

In addition, Siemens has informed customers about the existence of critical and/or high-severity flaws in products such as Sinec INS, Scalance M-800/S615, Sinumerik ONE and MC, Simatic S7-1500, Sinamics S210 and S120, and User Management Component (UMC).

In most cases exploitation of the vulnerabilities can lead to a denial-of-service (DoS) condition, but some of the flaws can allow arbitrary code execution. 

Advertisement. Scroll to continue reading.

Medium-severity issues have been addressed in Simatic Step 7 and Sicam Q100 products. 

Some of these vulnerabilities have been patched and some will be fixed in the future, but Siemens does not plan on releasing patches for some of the impacted products. 

Siemens has also provided clarifications on a recent talk at Black Hat Europe. Researchers analyzed the security of a Siemens communication protocol a decade after the infamous Stuxnet attack. The vendor pointed out that no new vulnerabilities were disclosed and that newer versions of the protocol address the highlighted issues. 

Schneider Electric

Schneider Electric has released three new advisories describing a total of four vulnerabilities. 

The most serious of them — based on their CVSS score — is a critical flaw in the Redis database, which is used in the company’s Plant iT/Brewmaxx process control system. The vulnerability, disclosed last year and tracked as CVE-2022-0543, can lead to a sandbox escape and remote code execution. 

The industrial giant has also patched a high-severity open redirect vulnerability that can be exploited for phishing attacks in its Trio licensed and license-free data radio products. In addition, a medium-severity issue affecting these products can be exploited by a privileged attacker to install malicious firmware.

The third advisory describes a medium-severity path traversal vulnerability in Easy UPS Online Monitoring Software that can be exploited by a local attacker to delete arbitrary files when the service is restarted.

Related: ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric

Related: ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Cybercrime

Energy giants Schneider Electric and Siemens Energy confirm being targeted by the Cl0p ransomware group in the campaign exploiting a MOVEit zero-day.

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

ICS/OT

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).

ICS/OT

Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...

ICS/OT

Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or...