Siemens Clears SIMATIC WinCC OA Hole

Wednesday, September 12, 2018 @ 09:09 AM gHale

Siemens has an update available to mitigate an improper access control vulnerability in its SIMATIC WinCC OA, according to a report with NCCIC.

Successful exploitation of this remotely exploitable vulnerability, which Siemens self-reported, could allow an unauthenticated remote user to escalate their privileges in the context of the program.

RELATED STORIES
TD Keypad Designer Mitigation Plan
Fuji Electric Clears V-Server Lite Hole
Fuji Electric Fixes V-Server Software
Ice Qube Clears Thermal Management Center Holes

A client-server HMI, SIMATIC WinCC OA Version 3.14 and prior suffer from the vulnerability.

Improper access control over Port 5678/TCP could allow an unauthenticated remote user to escalate privileges in the context of SIMATIC WinCC OA.

CVE-2018-13799 is the case number assigned to this vulnerability, with a CVSS v3 base score of 9.1.

The product sees use in the chemical, energy, food and agriculture, and water and wastewater systems sectors. The product sees action on a global basis.

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.

Siemens recommends updating to SIMATIC WinCC OA v3.14-P021. (Login Required)

Siemens also recommends the following manual mitigations to reduce risk:
• Follow the steps found at the following link to manually remediate the vulnerability (Login Required)
• Follow the SIMATIC WinCC OA Security Guideline for maintaining a secured SIMATIC WinCC OA environment (Login Required)
• Apply Defense-in-Depth

For more information, see Siemens Security Advisory SSA-346256.



Leave a Reply

You must be logged in to post a comment.