Siemens Fixes SIMATIC Family Holes

Friday, April 25, 2014 @ 04:04 PM gHale


Siemens created a new product release that mitigates two vulnerabilities in its SIMATIC S7-1200 CPU family, according to a report on ICS-CERT.

The following Siemens SIMATIC S7-1200 CPU family versions suffer from the issue: V2.X and V3.X. Siemens ProductCERT and Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training found the vulnerabilities.

Attackers could use these vulnerabilities to perform attacks against the SIMATIC S7-1200 CPU family web server to disrupt integrity and availability of normal operations.

Siemens is a multinational company headquartered in Munich, Germany.

Products in the Siemens SIMATIC S7-1200 PLC family are used for discrete and continuous control in critical infrastructure sectors such as chemical, critical manufacturing, and food and agriculture.

The integrated web server (Port 80/TCP and Port 443/TCP) of the Siemens SIMATIC S7-1200 CPU family could allow cross-site scripting attacks in conjunction with social engineering.

CVE-2014-2908 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 4.3.

The integrated web server (Port 80/TCP and Port 443/TCP) of the Siemens SIMATIC S7-1200 CPU family could allow HTML header injections in conjunction with social engineering.

CVE-2014-2909 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 5.8.

These vulnerabilities are not exploitable remotely and cannot be exploited without user interaction. The exploits are triggered when a local user runs the vulnerable web page by clicking a malicious link.

No known public exploits specifically target these vulnerabilities.

Crafting a working exploit for these vulnerabilities would be difficult. Social engineering would be used to convince the user to open the malicious web page. This decreases the likelihood of a successful exploit.

Siemens has provided SIMATIC S7-1200 CPU product release V4.0, which fixes the reported vulnerabilities.

For more information on the vulnerabilities, please see Siemens Security Advisory SSA-892012.

Siemens strongly recommends protecting network access to S7-1200 CPUs with appropriate mechanisms. Siemens advises following recommended security practices and configuring the environment according to operational guidelines in order to run the devices in a protected IT environment. Siemens also recommends operating the devices only within trusted networks.


