Siemens has made available workarounds and patches that address medium and high severity vulnerabilities found in the company’s Desigo PX and SIMATIC automation products.
The flaws have been described in advisories published by Siemens and ICS-CERT in the past days. The most serious of the issues, based on their CVSS score, affect all versions of SIMATIC S7-300 and S7-400 programmable logic controllers (PLCs).
The security holes, discovered by Zhu WenZhe from Beijing Acorn Network Technology, can be exploited to obtain credentials from a PLC configured with protection level 2, and cause a denial-of-service (DoS) condition by sending specially crafted packets to TCP port 80.
Siemens has not released patches for these vulnerabilities, but informed customers that the DoS flaw can only be exploited if the web server is manually enabled in the project configuration. Disabling the web server prevents attacks. As for the credentials disclosure issue, attacks can be prevented by applying protection level 3.
SAVE THE DATE: ICS Cyber Security Conference | Singapore – April 25-27, 2017
A different researcher from Beijing Acorn Network Technology has informed Siemens of a medium severity issue affecting SIMATIC WinCC SCADA systems and PCS7 distributed control systems (DCS). The flaw can be exploited to crash the application or leak memory content, but the attack only works if a local user can be tricked into clicking on a malicious link.
Siemens patched the vulnerability with the release of SIMATIC WinCC V7.2 and SIMATIC PCS 7 V8.0 SP1.
The last advisory describes a cryptographic issue in Desigo PX, automation stations and operator units designed for controlling and monitoring building systems.
“The affected devices use a pseudo random number generator with insufficient entropy to generate certificates for HTTPS, potentially allowing remote attackers to reconstruct the corresponding private key,” Siemens said.
The issue affects various Desigo PX Web modules for automation controllers running firmware versions prior to 6.00.046.
Related: Privilege Escalation Flaw Affects Several Siemens Products
Related: Siemens Releases Firmware Updates to Patch SIMATIC Flaws
Related: Siemens Patches Flaws in SIMATIC, License Manager Products
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Google Patches Third Chrome Zero-Day of 2023
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
