NET PC-Software DoS Hole Fixed

Wednesday, July 27, 2016 @ 10:07 AM gHale


Siemens produced a new version that fixes a denial-of-service vulnerability (DoS) in SIMATIC NET PC-Software, according to a report with ICS-CERT.

Vladimir Dashchenko and Sergey Temnikov from Kaspersky Labs reported this remote exploitable vulnerability directly to Siemens.

RELATED STORIES
Siemens Mitigates SIMATIC Holes
Siemens glibc Library Fix Update
Schneider Mitigates Video System Issue
Moxa Clears MGate Vulnerability

SIMATIC NET PC-Software: All versions prior to V13 SP2 suffer from the issue.

A successful exploit of this vulnerability could cause a DoS condition that would require a manual restart to recover.

Siemens is a multinational company headquartered in Munich, Germany.

The affected product, the Siemens SIMATIC NET PC-Software, communicates between controllers (PLCs) and PC-based solutions (HMIs). The SIMATIC NET PC-Software sees use across several sectors including chemical, critical manufacturing, and food and agriculture. Siemens said this product sees use on a global basis.

Specially crafted packets sent to several ports (Port 55101/TCP through Port 55105/TCP, Port 4845/TCP, and Port 4847/TCP through Port 4850/TCP) could cause a denial-of-service of the OPC-Unified Architecture (UA) service. A manual restart of the service would end up required to recover the system.

CVE-2016-5874 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

No known public exploits specifically target this vulnerability. However, an attacker with a low skill would be able to exploit this vulnerability.

Siemens provides SIMATIC NET PC-Software V13 SP2, which fixes the vulnerability, and recommends users upgrade to the new version. SIMATIC NET PC-Software V13 SP2 can end up obtained by contacting your local Siemens representative or customer support.

If OPC-UA is not required, Siemens recommends deactivating these in the communication settings according to the information in the respective product manual.

As a general security measure, Siemens recommends protecting network access to SIMATIC NET PC-Software services with appropriate mechanisms. It is advised to configure the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment.

For more information on this vulnerability and detailed instructions, please see Siemens Security Advisory SSA-453276.