Security Experts:

ICS Patch Tuesday: Siemens, Schneider Electric Address 59 Vulnerabilities

Industrial giants Siemens and Schneider Electric have released their Patch Tuesday security advisories for July 2022, with a total of 13 advisories describing 59 vulnerabilities.

Siemens

Siemens has released 19 new advisories that describe 46 vulnerabilities affecting the company’s products. Two advisories are for flaws that have been rated “critical” with a CVSS score of 10.

As a sidenote, CVSS scores are often misleading in the case of vulnerabilities found in industrial control systems (ICS), but vendors often highlight the CVSS score so this summary will also focus on the security holes with the highest scores. Industrial organizations should check all advisories from the two vendors and assess the risks for their specific environment.

One of the advisories describes three critical and high-severity vulnerabilities in the SIMATIC CP 1543-1 communication processor. Siemens says exploitation of the flaws can lead to arbitrary code execution with elevated privileges, but attacks can only be launched if the Remote Connect Server (SRCS) VPN feature is used — the feature is not enabled by default.

The second advisory describes one critical and one high-severity vulnerability in the SIMATIC eaSie digital assistant. The bugs can be exploited remotely to send arbitrary requests to the system and cause a DoS condition.

Another critical vulnerability addressed in Siemens’ latest round of advisories is a DHCP issue that affects older SINAMICS Perfect Harmony GH180 drives and can allow access to the drive’s internal network.

The company has also informed customers about a critical authentication bypass vulnerability in the Opcenter Quality quality management system.

SCALANCE X switches are affected by several critical and high-severity flaws that can be exploited for DoS attacks or brute force attacks that can lead to session hijacking.

Ten advisories describe high-severity vulnerabilities. One of them covers 20 vulnerabilities in the company’s PADS Viewer product, which can be exploited for remote code execution by tricking the targeted user into opening a specially crafted file.

Learn more about vulnerabilities in industrial systems at

SecurityWeek’s ICS Cyber Security Conference

Other high-severity advisories describe issues in EN100 Ethernet modules, RUGGEDCOM ROS and ROX devices, SIMATIC MV500 devices, Simcenter Femap and Parasolid design tools, JT2Go and Teamcenter visualization products, and SICAM A8000 devices. They include command injection, DoS, remote code execution, and authentication issues.

Medium-severity vulnerabilities have been found in Mendix applications and SICAM GridEdge software.

Siemens has started releasing patches, but fixes may not yet be available for certain products. Until these patches do become available, the vendor recommends mitigations and workarounds.

Schneider Electric

Schneider Electric has released four new advisories that describe 13 vulnerabilities. One of them describes a high-severity OS command injection issue in the SpaceLogic C-Bus Home Controller product.

Schneider has also informed customers that some of its OPC UA and X80 advanced RTU communication modules are affected by three high-severity vulnerabilities that can be exploited for DoS attacks, as well as four medium-severity bugs that could allow an attacker to load an unauthorized firmware image.

The company has also released an advisory for high- and medium-severity flaws in Easergy P5 protection relays that could allow an attacker to cause a DoS condition, obtain a device’s credentials, or gain full control of a relay.

One medium-severity vulnerability that can be leveraged to gain access to other devices on the network has been found in Schneider’s Acti9 PowerTag Link C energy monitoring product.

The vendor has released patches and/or mitigations for these vulnerabilities.

Related: ICS Patch Tuesday: Siemens, Schneider Electric Address Over 80 Vulnerabilities

Related: ICS Patch Tuesday: Siemens, Schneider Electric Address 43 Vulnerabilities

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.