Siemens Fixes SIMATIC S7-1200 CPU Family

Wednesday, October 10, 2018 @ 01:10 PM gHale

Siemens has a firmware update to mitigate a cross-site request forgery (CSRF) vulnerability in its SIMATIC S7-1200 CPU Family Version 4, according to a report with NCCIC.

Successful exploitation of this vulnerability could allow a CSRF attack if an unsuspecting user is tricked into accessing a malicious link.

SIMATIC S7-1200 CPU Family Version 4: All versions prior to 4.2.3 suffer from the remotely exploitable vulnerability, discovered by Lisa Fournet and Marl Joos from P3 communications GmbH who reported it to Siemens.

The vulnerability lies in the web interface, which could allow a CSRF attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires interaction with a legitimate user, who must be authenticated to the web interface. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform. This could allow the attacker to read or modify parts of the device configuration.

CVE-2018-13800 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

The product sees use in the chemical, energy, food and agriculture, healthcare and public health, transportation systems, and water and wastewater systems sectors. It is deployed on a global basis.

A high skill level is needed to exploit the vulnerability.

Siemens has a firmware update (v4.2.3) and recommends users update to the new version. This update can be found on their website.

To reduce the risk, Siemens recommends users not visit other websites while authenticated to the PLC.

As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for industrial security, and following the recommendations in the product manuals.

For more information on this vulnerability and associated software updates, please see Siemens security advisory SSA-507847.