Siemens Mitigates Critical Vulnerabilities

Monday, November 24, 2014 @ 05:11 PM gHale

Siemens released software updates to address two critical vulnerabilities in its SIMATIC WinCC supervisory control and data acquisition (SCADA) system, one of which could be exploited remotely.

The German industrial products giant also released software updates for WinCC, PCS 7 and TIA Portal products, and said it is working on additional updates for other versions of the affected products.

SIMATIC WinCC monitors and controls physical processes involved in industry and infrastructure, and sees action in industries such as oil and gas, chemical, food and beverage, water and wastewater.

PCS 7 is a distributed control system (DCS) integrating SIMATIC WinCC, and TIA Portal is the company’s engineering software used for SIMATIC products.

The first vulnerability (CVE-2014-8551) within WinCC is critical, with a CVSS Base Score of 10.0. The flaw could allow remote code execution for unauthenticated users if specially crafted packets are sent to the WinCC server, according to the security advisory from Siemens ProductCERT.

The second vulnerability (CVE-2014-8552), also in a component within WinCC, could allow an unauthenticated attacker to extract arbitrary files from the WinCC server by sending specially crafted packets to the server. However, in order to exploit this flaw, the attacker must have network access to the affected system, Siemens said.

While Siemens prepares additional software updates, the company’s ProductCERT team suggests customers mitigate the risk to their systems by implementing the following steps:
• Always run WinCC server and engineering stations within a trusted network
• Ensure the WinCC server and the engineering stations communicate via encrypted channels only (e.g. activate feature “Encrypted Communications” in WinCC V7.3 (PCS 7 V8.1), or establish a VPN tunnel)
• Restrict access to the WinCC server to trusted entities
• Apply up-to-date application whitelisting software and virus scanners
