16 November 2018
Siemens has released several advisories on vulnerabilities identified in its industrial automation solutions.
The most dangerous of the vulnerabilities, CVE-2018-16556 and CVE-2018-16557, affect SIMATIC S7-400 CPUs. Successful exploitation of these vulnerabilities could cause a denial-of-service condition. A manual reboot or firmware re-image is required to bring the system back to normal operation. CVSS v.3 base scores of 7.5 and 8.2, respectively, have been calculated for these vulnerabilities.
Both flaws are improper input validation vulnerabilities. Both can be exploited by sending specially crafted packets to port 102/TCP via the Ethernet interface, via PROFIBUS, or via multi-point interfaces (MPI).
Devices affected by these vulnerabilities include the following products:
Siemens recommends the following measures to reduce the risk of vulnerability exploitation:
Another serious vulnerability has been identified in SIMATIC IT Production Suite, a plant-centric IT solution that links business systems (e.g., ERP) and control systems. CVE-2018-13804 could allow authorized users with physical or network access to the affected system to bypass the application-level authentication.
This issue has been assigned a CVSS v.3 base score of 7.7. It affects the following solutions:
To mitigate this issue, Siemens recommends installing the relevant updates and restricting network access to affected installations.
Siemens has also reported the following medium-severity vulnerabilities (CVSS v.3 base scores from 4 to 5.3):
Siemens has released updates fixing these vulnerabilities for all affected solutions.