Siemens Fixes SIMATIC Family Holes

Friday, April 25, 2014 @ 04:04 PM gHale


Siemens created a new product release that mitigates two vulnerabilities in its SIMATIC S7-1200 CPU family, according to a report on ICS-CERT.

The issue affects SIMATIC S7-1200 CPU family versions V2.X and V3.X. Siemens ProductCERT and Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training found the vulnerabilities.

Attackers could use these vulnerabilities to attack the SIMATIC S7-1200 CPU family web server and disrupt the integrity and availability of normal operations.

Siemens is a multinational company headquartered in Munich, Germany.

Products in the Siemens SIMATIC S7-1200 PLC family are used for discrete and continuous control in critical infrastructure sectors such as chemical, critical manufacturing, and food and agriculture.

The integrated web server (Port 80/TCP and Port 443/TCP) of the Siemens SIMATIC S7-1200 CPU family could allow cross-site scripting attacks in conjunction with social engineering.

CVE-2014-2908 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 4.3.

The integrated web server (Port 80/TCP and Port 443/TCP) of the Siemens SIMATIC S7-1200 CPU family could allow HTML header injections in conjunction with social engineering.

CVE-2014-2909 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 5.8.

These vulnerabilities are not exploitable remotely and cannot be exploited without user interaction. The exploits are triggered when a local user runs the vulnerable web page by clicking a malicious link.

No known public exploits specifically target these vulnerabilities.

Crafting a working exploit for these vulnerabilities would be difficult. An attacker would need social engineering to convince the user to open the malicious web page, which decreases the likelihood of a successful exploit.

Siemens has provided SIMATIC S7-1200 CPU product release V4.0, which fixes the reported vulnerabilities.

For more information on the vulnerabilities, please see Siemens Security Advisory SSA-892012.

Siemens strongly recommends protecting network access to S7-1200 CPUs with appropriate mechanisms. Siemens advises following recommended security practices and configuring the environment according to operational guidelines in order to run the devices in a protected IT environment. Siemens also recommends operating the devices only within trusted networks.


