Security Experts:

Siemens, Schneider Electric Inform Customers About Tens of Vulnerabilities

Industrial automation giants Siemens and Schneider Electric on Tuesday released several security advisories to inform customers about tens of vulnerabilities affecting their products. The companies have provided patches and recommendations for reducing the risk of exploitation.

Siemens

The eight new advisories released by Siemens on this Patch Tuesday cover roughly two dozen vulnerabilities affecting its Simcenter Femap, SIMATIC TIM, Solid Edge, SIMATIC NET, Mendix, JT2Go, Teamcenter Visualization, and SIMATIC RF products.

The only advisory with an overall severity rating of critical describes 15 vulnerabilities affecting the SIMATIC NET CP 443-1 OPC UA, specifically its NTP (Network Time Protocol) component. The flaws were discovered in NTP between 2015 and 2017, but it’s not uncommon for industrial solutions providers to patch third-party software components years after the fixes were made available.

These NTP vulnerabilities can be exploited for DoS attacks, bypassing security mechanisms, executing arbitrary code remotely, obtaining information, and manipulating time.

Learn More About Vulnerabilities in Industrial Products at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits Virtual Event Series

The remaining advisories released by Siemens have an overall severity rating of high. They describe security holes that can be exploited for DoS attacks, arbitrary code execution, data extraction, privilege escalation, and bypassing security mechanisms.

Schneider Electric

Schneider Electric also described roughly two dozen vulnerabilities in the new advisories published on Tuesday.

One advisory describes 13 flaws affecting the company’s Interactive Graphical SCADA System (IGSS) SCADA product. The security holes have been rated high severity and their exploitation can result in loss of data or remote code execution. An attacker could exploit the vulnerabilities by getting the targeted user to open malicious files.

Two advisories describe a dozen vulnerabilities affecting two of Schneider’s PowerLogic products. The flaws, the most serious of which allows an attacker to gain admin-level access to a device, were reported to Schneider by a researcher from industrial cybersecurity firm Dragos.

Another advisory informs organizations about some vulnerabilities in IEC 61131-3 programming and engineering tools. The bugs are introduced by the use of Rockwell Automation’s ISaGRAF automation software, which is used by other vendors as well.

The remaining advisories describe information disclosure issues in the Enerlin'X Com’X 510 and Modicon X80 BMXNOR0200H RTU products.

Related: Siemens, Schneider Electric Address Serious Vulnerabilities in ICS Products

Related: Siemens Releases Several Advisories for Vulnerabilities in Third-Party Components

Related: Another Stuxnet-Style Vulnerability Found in Schneider Electric Software

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.