Security Experts:

Siemens, Schneider Electric Address Serious Vulnerabilities in ICS Products

Siemens and Schneider Electric on Tuesday informed customers about the availability of patches and mitigations for several potentially serious vulnerabilities affecting their industrial control system (ICS) products.

Siemens has released six new advisories and updated 18 previous advisories. The new advisories describe vulnerabilities affecting the company’s SICAM, SIMATIC, SIPLUS, LOGO! 8, SENTRON, SIRIUS, and XHQ products.

In LOGO! 8 and SIPLUS devices, the company fixed eight vulnerabilities, including a critical flaw that can allow an attacker who has network access to gain complete control over the targeted device.

Siemens has also started releasing patches for its SIPLUS, SIMATIC ITC, SIMATIC WinCC and SIMATIC HMI Panel products to fix several vulnerabilities discovered last year by Kaspersky in the TightVNC open source virtual network computing (VNC) system. The flaws include critical and high-severity issues that can be exploited for arbitrary code execution or DoS attacks.

The German industrial giant has also updated its XHQ Operations Intelligence products to address information disclosure, XSS, SQL injection, and CSRF vulnerabilities, including ones that have been classified as high severity.

Siemens has also released an advisory to inform customers that some of its products are affected by one of the recently disclosed Amnesia:33 vulnerabilities affecting TCP/IP stacks. Researchers have discovered 33 security holes and they have been found to impact millions of IoT and OT devices from 150 vendors, but Siemens says its SENTRON PAC devices and SIRIUS 3RW5 communication module are only affected by one of the Amnesia:33 vulnerabilities, one that can be exploited for DoS attacks.

Learn more about vulnerabilities in industrial systems at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series

As for Schneider Electric, the company released a total of nine new advisories on Tuesday and updated several previous advisories.

A majority of the new advisories address vulnerabilities identified in Schneider’s Modicon industrial controllers. One of these flaws was discovered by researchers at industrial cybersecurity firm Claroty, which published a blog post describing its findings on Tuesday. Last month, Schneider and Claroty disclosed several encryption vulnerabilities allowing hackers to take control of some Modicon PLCs.

Schneider informed customers this week that patches and mitigations are available for high- and medium-severity information disclosure, DoS, code execution, command execution, and account credential exposure issues. It’s worth noting that DoS vulnerabilities can have a bigger impact in the case of ICS compared to IT systems, as they can lead to disruptions in production.

Related: Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks

Related: Schneider Electric Warns Customers of Drovorub Linux Malware

Related: Another Stuxnet-Style Vulnerability Found in Schneider Electric Software

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.