Siemens Mitigates XHQ Vulnerability

Siemens created an update to its XHQ product that mitigates an improper access control vulnerability, according to a report with ICS-CERT.

This vulnerability, self-reported by Siemens, could allow a low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level.

RELATED STORIES
Siemens Clears SIMATIC Hole
Ecava Fixes IntegraXor Vulnerability
Siemens Authentication Bypass Update
Siemens Updates DCP DoS Hole

The vulnerability affects the following versions of the XHQ operations intelligence product line:
• XHQ 4: All versions prior to V4.7.1.3
• XHQ 5: All versions prior to V5.0.0.2

No known public exploits specifically target this vulnerability. This vulnerability is remotely exploitable and an attacker with low skill level could exploit it.

A vulnerability in XHQ server could allow an authenticated, low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level.

CVE-2017-6866 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.5.

The product sees action mainly in the energy sector and it is deployed on a global basis.

Siemens released new versions of XHQ to address this vulnerability. Users are to call their local service organization for further information on how to obtain the newest version of XHQ.  If the local service organization is not known, please call a local Siemens hotline center.

Siemens strongly recommends users protect network access to XHQ with appropriate mechanisms. Siemens also advises users configure the operational environment according to Siemens’ Operational Guidelines for Industrial Security.

For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-945660.