Security Experts:

Connect with us

Hi, what are you looking for?



Siemens, Schneider Electric Address Serious Vulnerabilities in ICS Products

Siemens and Schneider Electric on Tuesday informed customers about the availability of patches and mitigations for several potentially serious vulnerabilities affecting their industrial control system (ICS) products.

Siemens and Schneider Electric on Tuesday informed customers about the availability of patches and mitigations for several potentially serious vulnerabilities affecting their industrial control system (ICS) products.

Siemens has released six new advisories and updated 18 previous advisories. The new advisories describe vulnerabilities affecting the company’s SICAM, SIMATIC, SIPLUS, LOGO! 8, SENTRON, SIRIUS, and XHQ products.

In LOGO! 8 and SIPLUS devices, the company fixed eight vulnerabilities, including a critical flaw that can allow an attacker who has network access to gain complete control over the targeted device.

Siemens has also started releasing patches for its SIPLUS, SIMATIC ITC, SIMATIC WinCC and SIMATIC HMI Panel products to fix several vulnerabilities discovered last year by Kaspersky in the TightVNC open source virtual network computing (VNC) system. The flaws include critical and high-severity issues that can be exploited for arbitrary code execution or DoS attacks.

The German industrial giant has also updated its XHQ Operations Intelligence products to address information disclosure, XSS, SQL injection, and CSRF vulnerabilities, including ones that have been classified as high severity.

Siemens has also released an advisory to inform customers that some of its products are affected by one of the recently disclosed Amnesia:33 vulnerabilities affecting TCP/IP stacks. Researchers have discovered 33 security holes and they have been found to impact millions of IoT and OT devices from 150 vendors, but Siemens says its SENTRON PAC devices and SIRIUS 3RW5 communication module are only affected by one of the Amnesia:33 vulnerabilities, one that can be exploited for DoS attacks.

Learn more about vulnerabilities in industrial systems at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series

As for Schneider Electric, the company released a total of nine new advisories on Tuesday and updated several previous advisories.

A majority of the new advisories address vulnerabilities identified in Schneider’s Modicon industrial controllers. One of these flaws was discovered by researchers at industrial cybersecurity firm Claroty, which published a blog post describing its findings on Tuesday. Last month, Schneider and Claroty disclosed several encryption vulnerabilities allowing hackers to take control of some Modicon PLCs.

Schneider informed customers this week that patches and mitigations are available for high- and medium-severity information disclosure, DoS, code execution, command execution, and account credential exposure issues. It’s worth noting that DoS vulnerabilities can have a bigger impact in the case of ICS compared to IT systems, as they can lead to disruptions in production.

Related: Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks

Related: Schneider Electric Warns Customers of Drovorub Linux Malware

Related: Another Stuxnet-Style Vulnerability Found in Schneider Electric Software

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.


Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.