Siemens Fixes SIMATIC S7-1200 Hole
Tuesday, March 15, 2016 @ 03:03 PM gHale
Siemens’ SIMATIC S7-1200 CPU product, release V4.0 or newer fixes a protection mechanism failure vulnerability in old firmware versions of the product, according to a report on ICS-CERT.
Maik Brüggemann and Ralf Spenneberg from Open Source Training reported this remotely exploitable issue directly to Siemens.
All versions of the SIMATIC S7-1200 CPU family prior to V4.0 suffer from the issue. An attacker who exploits this vulnerability could circumvent user program block protection.
Siemens is a multinational company headquartered in Munich, Germany.
The affected products, the Siemens SIMATIC S7-1200 CPU family, see use in discrete and continuous control in industrial environments. The Siemens SIMATIC S7-1200 CPU family sees action across several sectors including chemical, critical manufacturing, and food and agriculture. Siemens estimates these products see use on a global basis.
SIMATIC S7-1200 CPU firmware prior to Version 4.0 could possibly allow an attacker to circumvent user program block protection under certain circumstances.
CVE-2016-2846 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.5.
No known public exploits specifically target this vulnerability. However, an attacker with a low skill would be able to exploit this vulnerability.
Siemens recommends firmware release Version 4.0 or later for SIMATIC S7-1200 CPUs. Siemens recommends to keep firmware up to date and to set the PLC functionality “Access protection” to read/write protection. Click here for the latest firmware release.
For more information on these vulnerabilities and detailed instructions, click on Siemens Security Advisory SSA-833048.
As a general security measure Siemens recommends to protect network access to the web interface of S7-1200 CPUs with appropriate mechanisms. Siemens advises to configure the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment.