Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

ICS Patch Tuesday: Siemens, Schneider Electric Release 19 New Security Advisories

Industrial giants Siemens and Schneider Electric have released a total of 19 security advisories for the October 2022 Patch Tuesday. The advisories cover 36 vulnerabilities affecting their ICS products.

Siemens

Industrial giants Siemens and Schneider Electric have released a total of 19 security advisories for the October 2022 Patch Tuesday. The advisories cover 36 vulnerabilities affecting their ICS products.

Siemens

Siemens has released 15 advisories that cover two dozen security holes. The most important of them appears to be CVE-2022-38465, which is related to a global cryptographic key not being properly protected.

A threat actor could launch an offline attack against a single Siemens PLC and obtain a private key that can then be used to compromise that entire product line.

The attacker can then obtain sensitive configuration data or launch man-in-the-middle (MitM) attacks that enable them to read or modify data between the PLC and its connected HMIs and engineering workstations.

Siemens has made significant changes to how PLCs are protected and it has released updates that customers have been instructed to apply. The company has also released a separate security bulletin detailing the vulnerability and its root cause. Industrial cybersecurity firm Claroty, whose researchers discovered the flaw, has published a blog post detailing its findings.

“Siemens is not aware of related cybersecurity incidents but considers the likelihood of malicious actors misusing the global private key as increasing,” Siemens warned.

Siemens has also informed customers about a critical authentication-related vulnerability affecting Desigo CC and Cerberus DMS, allowing attackers to impersonate other users or exploit the client-server protocol without being authenticated. Patches are not available, but the vendor has recommended some mitigations.

Fixes are also not available for critical and high-severity remote code execution and DoS vulnerabilities affecting Logo! 8 BM devices.

2022 ICS Cyber Security Conference

A ‘critical’ severity rating has also been assigned to a vulnerability in Sicam P850 and P855 devices. It allows an authenticated attacker to execute arbitrary code or cause a DoS condition.

A majority of the remaining advisories describe high-severity flaws. This includes webserver vulnerabilities in Desigo PXM devices, privilege escalation and DoS issues in Scalance and Ruggedcom products, DoS flaws in products based on the Nucleus RTOS, a DoS vulnerability in Simatic HMI panels, a spoofing vulnerability in Industrial Edge Management, an XSS flaw in Scalance switches, and file parsing vulnerabilities in Solid Edge, JTTK and Simcenter Femap.

Schneider Electric

Schneider Electric has released four new advisories covering a dozen vulnerabilities.

Six high-severity flaws that could lead to arbitrary code execution have been identified in EcoStruxure Operator Terminal Expert and Pro-face BLUE products. However, exploitation of these vulnerabilities requires local user privileges and involves loading malicious files.

Schneider’s EcoStruxure Power Operation and Power SCADA Operation software is affected by a vulnerability that could allow an attacker to view data, change settings or cause disruption by getting a user to click on a specially crafted link.

EcoStruxure Panel Server Box is affected by high- and medium-severity issues that can be exploited for arbitrary writes — this could lead to code execution — and DoS attacks.

Lastly, the third party ISaGRAF Workbench software used by SAGE RTU products is affected by three medium-severity bugs that could result in arbitrary code execution or privilege escalation. User interaction is required for exploitation.

Patches and/or mitigations are available for these vulnerabilities.

Related: ICS Patch Tuesday: Siemens, Schneider Electric Address Over 80 Vulnerabilities

Related: ICS Patch Tuesday: Siemens, Schneider Electric Fix Only 11 Vulnerabilities

Related: ICS Patch Tuesday: Siemens, Schneider Electric Fix High-Severity Vulnerabilities 

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.