Siemens Fixes SINEMA XSS Hole
Wednesday, July 27, 2016 @ 10:07 AM gHale
Siemens created an update to mitigate a cross-site scripting (XSS) vulnerability in its SINEMA Remote Connect Server application, according to a report on ICS-CERT.
Researchers Antonio Morales Maldonado of INNOTEC SYSTEM, and Alexander Van Maele and Tijl Deneut of Howest discovered the remotely exploitable vulnerability.
SINEMA Remote Connect Server Version 1.2 suffers from the issue.
Exploiting this vulnerability could enable attackers to read some files from Siemens SINEMA Remote Connect Server devices. This could give a remote attacker ongoing access to these devices.
Siemens is a multinational company headquartered in Munich, Germany.
The affected product, SINEMA Remote Connect Server, is a network management appliance for industrial applications and allows network monitoring as well as diagnostics and reporting functions integrated into SCADA systems such as WinCC.
SINEMA products see action across several sectors including chemical, commercial facilities, critical manufacturing, energy, government facilities, and water and wastewater systems. Siemens estimates this product sees use primarily in the United States and Europe with a small percentage in Asia.
The integrated web server (Port 443/TCP) of the affected SINEMA Remote Connect Server could allow XSS attacks if unsuspecting users are tricked into accessing a malicious link.
CVE-2016-6204 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.7.
No known public exploits specifically target this vulnerability. However, an attacker with low skill would be able to exploit this vulnerability. Social engineering would be required to convince the user to access a malicious link. This decreases the likelihood of a successful exploit.
Siemens provides software update V1.2 for SINEMA Remote Connect Server which fixes the vulnerability and recommends users update to the new version.
As a general security measure, Siemens recommends users configure the environment according to its operational guidelines.
For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-119132.