Connect with us

Hi, what are you looking for?



ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws

ICS Patch Tuesday: Siemens and Schneider Electric release over a dozen advisories addressing more than 40 vulnerabilities.

ICS Patch Tuesday

Siemens and Schneider Electric’s Patch Tuesday advisories for October 2023 address more than 40 vulnerabilities affecting their products.


Siemens has published a dozen new advisories addressing 41 vulnerabilities.

One advisory describes seven vulnerabilities affecting Siemens’ Ruggedcom APE1808 industrial application hosting platform, which is made for running third-party software in harsh, mission-critical environments.

The vulnerabilities exist in a product made by industrial and IoT cybersecurity firm Nozomi Networks, specifically the firm’s Guardian product, which is designed to provide asset inventory and network visibility, and the Central Management Console (CMC), which aggregates Guardian sensor data.

Nozomi patched the vulnerabilities in its products in early August with the release of Guardian/CMC version 22.6.2. Siemens is working on patches for its Ruggedcom product and in the meantime it has provided workarounds and mitigations that can be used to prevent exploitation. 

The vulnerabilities can be exploited to obtain information, execute arbitrary JavaScript code, hijack user sessions, and cause a denial-of-service (DoS) condition.

However, all of the Nozomi product vulnerabilities require authentication and some of them require elevated privileges for exploitation. Only two of them have been assigned ‘high’ severity ratings based on their CVSS score — the rest are ‘medium’ and ‘low’ — but Nozomi says even the high-severity issues actually have a ‘medium’ risk level for its customers.

Advertisement. Scroll to continue reading.

Three of Siemens’ new advisories address critical vulnerabilities that have been patched by the industrial giant. One of them describes Scalance W1750D flaws that were previously found in Aruba products. The Scalance W1750D is actually a brand-labeled device from HPE-owned Aruba.

Exploitation of the security holes can lead to sensitive information disclosure, unauthenticated remote code execution, and DoS. 

A ‘critical’ severity rating has also been assigned to CVE-2023-43625, a Simcenter Amesim bug that can allow an unauthenticated, remote attacker to execute arbitrary code using DLL injections. 

The third ‘critical’ advisory describes CVE-2023-36380, a hardcoded ID in the SSH ‘authorized_keys’ configuration file of Sicam A8000 remote terminal units (RTUs). In certain circumstances, an attacker who knows the corresponding credentials could access the device via SSH.

High-severity vulnerabilities have been addressed in Sinema Server (code execution via XSS), Sicam PAS/PQS (local privilege escalation), Siemens Xpedition Layout Browser (code execution, DoS), Sinec NMS (code injection, XSS), Tecnomatix Plant Simulation (code execution or DoS via malicious files), and Sicam A8000 RTUs (privilege escalation). 

Medium-severity vulnerabilities have been patched in the Mendix ‘forgot password’ module (user enumeration) and Simatic CP devices (code execution, DoS, unrestricted network access).

Schneider Electric 

Schneider Electric has released two new advisories to inform customers about the availability of patches for three critical vulnerabilities.

Two of them impact the SpaceLogic C-Bus Toolkit and they can be exploited for remote code execution when the transfer command is used over the network, and to tamper with files on the PC running C-Bus when the file command is used. 

The third critical flaw affects EcoStruxure Power Monitoring Expert (PME) and EcoStruxure Power Operation products and it can be exploited for code execution by sending a specially crafted packet to the application. 

Learn More at SecurityWeek’s ICS Cyber Security Conference
The leading global conference series for Operations, Control Systems and OT/IT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
ICS Cybersecurity Conference
October 23-26, 2023 | Atlanta

Related: ICS Patch Tuesday: Critical CodeMeter Vulnerability Impacts Several Siemens Products

Related: ICS Patch Tuesday: Siemens Fixes 7 Vulnerabilities in Ruggedcom Products

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.