Siemens Mitigates SICAM PAS Issues

Thursday, December 1, 2016 @ 05:12 PM gHale

Siemens released an update to mitigate vulnerabilities that affect SICAM PAS, according to a report from ICS-CERT.

Some of these vulnerabilities, discovered by Ilya Karpov and Dmitry Sklyarov of Positive Technologies and Sergey Temnkikov and Vladimir Dashchenko of Kaspersky Lab and reported directly to Siemens, are remotely exploitable.

SICAM PAS: All versions older than Version 8.08 suffer from the issues.

Successful exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or remotely execute arbitrary code.

Siemens is a multinational company headquartered in Munich, Germany.

The affected product, SICAM PAS, is energy automation software for operating electrical substations. SICAM PAS is used across the energy sector on a global basis.

In one vulnerability, a factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP.

SICAM PAS Versions 8.00 and higher are not affected by this vulnerability.

CVE-2016-8567 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

In addition, an authenticated local attacker with certain privileges could possibly reconstruct the passwords of users for accessing the database.

SICAM PAS Versions 8.00 and higher are not affected by this vulnerability.

CVE-2016-8566 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

Also, a remote attacker could use specially crafted packets sent to Port 19235/TCP to upload, download, or delete files in certain parts of the file system.

CVE-2016-9156 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

In addition, a remote attacker could use specially crafted packets sent to Port 19235/TCP to upload, download, or delete files in certain parts of the file system.

CVE-2016-9157 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill would be able to exploit these vulnerabilities.

Siemens has released SICAM PAS Version 8.08 to fix these vulnerabilities. Siemens recommends that users update to this version. To obtain Version 8.08, users should contact their regional Siemens representative or the Siemens Energy Customer Support Center.

For more information on these vulnerabilities and detailed instructions, please see Siemens Security Advisory SSA-444217.
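For asset owners triaging an inventory against the version boundaries above, the following Python sketch is an added example, not code from Siemens, ICS-CERT or the article's author. It encodes the CVE, CVSS, version and port details exactly as this article states them; the host names, the inventory layout and the assumption that versions are written with a two-digit minor (8.00, 8.08) are constructed for illustration.

```python
import re

# Advisory data exactly as stated in the article above; confirm against SSA-444217.
FIXED_IN = (8, 8)  # SICAM PAS Version 8.08 fixes all four issues
ADVISORY = [
    # (CVE, CVSS v3 score, first unaffected version, TCP port named in the article)
    ("CVE-2016-8567", 9.8, (8, 0), 2638),
    ("CVE-2016-8566", 7.8, (8, 0), None),  # local attacker, no port named
    ("CVE-2016-9156", 7.3, FIXED_IN, 19235),
    ("CVE-2016-9157", 9.8, FIXED_IN, 19235),
]

def parse_version(text):
    """Turn '8.08' or 'V7.00' into a comparable (major, minor) tuple.

    Assumption: the minor part has two digits, as the article writes it.
    Ambiguous strings such as '8.1' are rejected instead of guessed at.
    """
    m = re.fullmatch(r"\s*[Vv]?(\d+)\.(\d{2})\s*", text)
    if not m:
        raise ValueError(f"unrecognised SICAM PAS version: {text!r}")
    return int(m.group(1)), int(m.group(2))

def triage(version, open_tcp_ports=()):
    """Return (cve, cvss, port_listening) findings, highest CVSS first.

    port_listening is True or False when the article names a port for the
    CVE, and None when it names none.
    """
    ver = parse_version(version)
    ports = set(open_tcp_ports)
    findings = []
    for cve, cvss, first_ok, port in ADVISORY:
        if ver >= first_ok:
            continue  # this installation is not affected by this CVE
        findings.append((cve, cvss, None if port is None else port in ports))
    return sorted(findings, key=lambda f: (-f[1], f[0]))

# Constructed inventory: (host, installed version, listening TCP ports).
INVENTORY = [
    ("substation-a", "7.00", [2638, 19235]),
    ("substation-b", "8.05", [19235]),
    ("substation-c", "8.08", [2638, 19235]),
]

def report(inventory=INVENTORY):
    return {host: triage(ver, ports) for host, ver, ports in inventory}

if __name__ == "__main__":
    for host, findings in report().items():
        print(host, findings or "no CVEs from this advisory apply")
```

Installations between 8.00 and 8.08 still show the two Port 19235/TCP findings, which is the case a check that only compares against Version 8.00 would miss.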


