Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Several Siemens Devices Affected by Intel MDS Vulnerabilities

Siemens informed customers on Tuesday that several of its products are affected by the Microarchitectural Data Sampling (MDS) vulnerabilities impacting a majority of the Intel processors made in the last decade.

Siemens informed customers on Tuesday that several of its products are affected by the Microarchitectural Data Sampling (MDS) vulnerabilities impacting a majority of the Intel processors made in the last decade.

The vulnerabilities, discovered by researchers at Intel and other organizations, have been named ZombieLoad, RIDL (Rogue In-Flight Data Load), Fallout, and Store-to-Leak Forwarding, and they have been assigned the CVE identifiers CVE-2018-12130, CVE-2018-12126, CVE-2018-12127 and CVE-2018-11091.

The flaws are related to speculative execution and they allow attacks against both PCs and cloud environments. Exploitation of the vulnerabilities can result in applications, operating systems, virtual machines and trusted execution environments leaking information, including passwords, website content, disk encryption keys and browser history.

Attacks can be launched both by a piece of malware present on the targeted system and from the internet, but Intel says real-world attacks are not easy to carry out and even if the exploit is successful the attacker may not obtain any valuable information.

One of the advisories published by Siemens as part of its July 2019 Patch Tuesday updates reveals that the vulnerabilities impact some of its SIMATIC Field PG programming devices, SIMATIC Industrial PCs, SIMOTION motion control systems, SINUMERIK CNC automation solutions and their PCU and TCU human-machine interfaces (HMIs), and SIMATIC S7-1500 MFP CPUs.

Learn More About Flaws in ICS Products at SecurityWeek’s 2019 ICS Cyber Security Conference

Siemens has released BIOS updates that address the vulnerabilities for several Industrial PC devices, but the company has highlighted that customers also need to install operating system patches and possibly implement other mitigations — depending on the operating system — in order to completely eliminate the risk of attacks.

For the other products, Siemens recommends taking steps to ensure that untrusted code cannot be executed on the impacted devices — this is a requirement for an attack — including by applying its Defense-in-Depth concept for industrial systems.

Advertisement. Scroll to continue reading.

Siemens published five other new security advisories on Tuesday, including for a high-severity code upload vulnerability in SIMATIC WinCC and PCS7 products, medium-severity flaws related to TLS in SIMATIC RF6XXR, a high-severity authentication issue in the TIA Portal, an XSS vulnerability in Spectrum Power, and high-severity DoS and file upload/download flaws in SIPROTEC 5 relays and their engineering software DIGSI 5.

Schneider Electric has also published some new advisories on Tuesday. They describe vulnerabilities in Modicon controllers, its Interactive Graphical SCADA System, and Zelio Soft 2. Schneider released an advisory for the MDS vulnerabilities shortly after their disclosure by Intel, but the company has yet to say if its products are impacted.

Related: Chrome OS 75 Adds More Mitigations for Intel MDS Flaws

Related: Siemens Medical Products Affected by Wormable Windows Flaw

Related: Siemens Patches Serious DoS Flaws in Many Industrial Products

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Gigamon has promoted Tony Jarjoura to CFO and Ram Bhide has been hired as Senior VP of engineering.

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

Cynet announced the appointment of Jason Magee as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.