Security Experts:

Siemens Industrial Devices Affected by 'SegmentSmack' Linux Kernel Flaw

Siemens has released six new advisories for its April 2020 Patch Tuesday updates, including three that inform customers about the impact of the SegmentSmack vulnerability on some of the company’s industrial products.

Researcher Juha-Matti Tilli discovered in 2018 that the Linux kernel was affected by two vulnerabilities that could be exploited to launch remote denial-of-service (DoS) attacks by sending specially crafted packets to the targeted system.

The high-severity vulnerabilities are tracked as CVE-2018-5390 and CVE-2018-5391, and they have been named SegmentSmack and FragmentSmack, respectively. Experts warned when the flaws were disclosed that they could impact products from tens of major vendors.

Siemens released three “SegmentSmack” advisories this week to inform customers that tens of its products are impacted by the vulnerabilities.

In one advisory, Siemens revealed that SegmentSmack and FragmentSmack impact some of its IE/PB-Link devices, RUGGEDCOM routers, ROX-based VPN endpoints and firewalls, SCALANCE routers and firewalls, SIMATIC communication processors, and SINEMA Remote Connect.

Another SegmentSmack-related advisory from Siemens describes a DoS vulnerability in the VxWorks-based Profinet TCP stack. This weakness, tracked as CVE-2019-19301, impacts SIMATIC communication modules, SCALANCE X switches, and SIPLUS devices designed to work in extreme conditions.

Learn More About Vulnerabilities in Industrial Products at SecurityWeek’s 2020 ICS Cyber Security Conference

The last SegmentSmack-related advisory describes a DoS flaw in the Interniche-based TCP stack. This security hole, identified as CVE-2019-19300, affects Siemens’ SIDOOR door management system, various types of SIMATIC devices, SINAMICS converters, and SIPLUS products.

Siemens has released firmware updates for some of the affected devices to address the vulnerabilities, and says it’s working on patches for the remaining impacted products.

In addition, the industrial giant informed customers this week about a high-severity DHCP client flaw affecting its SIMOTICS, Desigo, APOGEE and TALON products; a critical vulnerability in TIM communication modules that can be exploited to gain full control of devices; and two persistent XSS flaws impacting Climatix POL908 and POL909 modules.

Related: Siemens Patches Serious DoS Vulnerabilities in Several Products

Related: Profinet Vulnerability Exposes Siemens, Moxa Devices to DoS Attacks

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.