Siemens WinCC TIA Portal Holes

Friday, August 2, 2013 @ 05:08 PM gHale


Siemens produced a software update that mitigates the multiple vulnerabilities in the Siemens WinCC (TIA Portal), according to a report on ICS-CERT.

Siemens has tested the software update to validate that it resolves the remotely exploitable vulnerabilities, discovered by Researchers Timur Yunusov and Sergey Bobrov of Positive Technologies. Exploitation of these vulnerabilities could either allow URL redirection to Web sites that are not trusted or compromise of integrity and availability of the system.

RELATED STORIES
IOServer Fixes Improper Input Validation
GE Fixes Improper Input Validation
QNX Patches Multiple Vulnerabilities
Nano-10 PLC Denial of Service

The following Siemens products suffer from the issue:
• WinCC (TIA Portal) V11: all versions
• WinCC (TIA Portal) V12: all versions < V12 SP1 Siemens is a multinational company headquartered in Munich, Germany. The affected product, Siemens WinCC (TIA Portal), is engineering software used for configuring SIMATIC Panels, SIMATIC industrial personal computers, and standard computers. The WinCC TIA Portal works in conjunction with WinCC Runtime Advanced or the SCADA System WinCC Runtime Professional visualization software. Siemens develops products mainly in the energy, transportation, and healthcare sectors. This software is used in many industries, including food and beverage, water and wastewater, oil and gas, and chemical. The WinCC Web server of the affected HMI panels is susceptible to reflected cross-site request forgery. Exploitation of this vulnerability may allow an attacker to compromise the integrity and the availability of the system. CVE-2013-4911 is the number assigned to this vulnerability, which has a CVSS v2 base score of 5.8. The WinCC Web server is susceptible to URL redirection. By using a URL value that causes the Web server to redirect the request to a specified URL, an attacker can cause the user to visit a site that is not trusted. CVE-2013-4912 is the number assigned to this vulnerability, which has a CVSS v2 base score of 4.3. No known public exploits specifically target these vulnerabilities and an attacker with a moderate skill would be able to exploit these vulnerabilities. Siemens has produced a software update that resolves these vulnerabilities. The update can apply to all versions of WinCC TIA Portal. Siemens recommends asset owners and operators contact Siemens customer support to acquire the update. Click here for Siemens update information.

Click here for Siemens security advisory.



Leave a Reply

You must be logged in to post a comment.