Siemens Clears Web Server XSS Hole

Tuesday, January 19, 2016 @ 04:01 PM gHale

Siemens created a firmware update to mitigate a cross-site scripting vulnerability in its OZW672 and OZW772 devices, according to a report on ICS-CERT.

Siemens reports the remotely exploitable vulnerability, discovered by independent researcher Aditya Sood, affects the following products: OZW672: All versions prior to V6.00 and the OZW772: All versions prior to V6.00

Advantech Fixes Multi WebAccess Holes
Siemens Fixes RUGGEDCOM Holes
Schneider Fixes Modicon Vulnerability
No Updates for MOSCAD Issues

An attacker who exploits this vulnerability may be able to change data and settings on the target device.

Siemens is an international company headquartered in Munich, Germany.

OZW devices are web servers used for remote monitoring of building controller devices, such as heating or air conditioning. These devices see action across several sectors, including commercial facilities. Siemens said these products see use worldwide.

The web server login form input does not sanitize correctly, which results in a cross-site scripting vulnerability.

CVE-2016-1488 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.7.

No known public exploits specifically target this vulnerability. However, an attacker with a medium skill would be able to exploit this vulnerability.

Siemens has created firmware updates to fix the vulnerability. Siemens recommends customers upgrade to the new firmware versions. As a general security measure, Siemens recommends to protect network access to OZW products with appropriate mechanisms. Company officials also said to follow recommended security practices in order to run the devices in a protected IT environment.

Click here for firmware updates for OZW672 products.

Click here for firmware updates for OZW772 products.

For more information on this vulnerability and more detailed mitigation instructions, click on the Siemens Security Advisory SSA-743465.