Siemens has Update for Siveillance VMS

Tuesday, June 11, 2019 @ 07:06 PM gHale

Siemens has released updates to address improper authorization, incorrect user management and missing authentication vulnerabilities in its Siveillance VMS, according to a report with NCCIC.

Successful exploitation of these remotely exploitable vulnerabilities, which Siemens self-reported, could allow an attacker with network access to Port 80/TCP to change device properties, user roles, and user-defined event properties.

The following versions of Siveillance VMS are affected:
• 2017 R2 all versions prior to v11.2a
• 2018 R1 all versions prior to v12.1a
• 2018 R2 all versions prior to v12.2a
• 2018 R3 all versions prior to v12.3a
• 2019 R1 all versions prior to v13.1a

In one vulnerability, an attacker with network access to Port 80/TCP could change device properties without authorization.

CVE-2019-6580 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.8.

In addition, an attacker with network access to Port 80/TCP could change user roles without proper authorization.

CVE-2019-6581 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.8.

Also, an attacker with network access to Port 80/TCP could change user-defined event properties without proper authorization.

CVE-2019-6582 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.1.

The product is used mainly in the critical manufacturing and commercial facilities sectors, and it is deployed worldwide.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerabilities.

Siemens released the following updates to the Siveillance VMS products:
• 2017 R2 v11.2a
• 2018 R1 v12.1a
• 2018 R2 v12.2a
• 2018 R3 v12.3a
• 2019 R1 v13.1a
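The two lists above pair each affected release train with the build that fixes it. As an added example (not code from Siemens, NCCIC or the original report), the following Python check takes an installed version string and reports whether it falls below the fixed build for its train. It assumes builds are written in the advisory's own form ("2018 R2 v12.1a"), where a missing letter suffix sorts before "a"; the host inventory at the bottom is constructed sample data.

```python
import re
from typing import Dict, List, Optional, Tuple

# Affected release trains and the build that fixes each one, as listed above.
FIXED_VERSIONS: Dict[str, str] = {
    "2017 R2": "v11.2a",
    "2018 R1": "v12.1a",
    "2018 R2": "v12.2a",
    "2018 R3": "v12.3a",
    "2019 R1": "v13.1a",
}

# "v12.1a" -> major 12, minor 1, optional single-letter suffix "a"
_BUILD_RE = re.compile(r"^v?(\d+)\.(\d+)([a-z]?)$")
# "2018 R2 v12.1a" -> train "2018 R2", build "v12.1a"
_INSTALLED_RE = re.compile(r"^(\d{4}\s+R\d+)\s+(v?\d+\.\d+[a-z]?)$")


def parse_build(text: str) -> Tuple[int, int, str]:
    """Turn a build string such as 'v12.1a' into a comparable tuple.

    The suffix is compared as a string, so '' (no suffix) < 'a' < 'b', which
    is what makes 'v12.1' compare as older than the fixed build 'v12.1a'.
    """
    m = _BUILD_RE.match(text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised Siveillance VMS build string: {text!r}")
    return int(m.group(1)), int(m.group(2)), m.group(3)


def is_affected(train: str, build: str) -> Optional[bool]:
    """True if the build is older than the fix for its train, False if it is
    at or beyond the fix, None if the train is not listed in the advisory."""
    fixed = FIXED_VERSIONS.get(" ".join(train.split()))
    if fixed is None:
        return None
    return parse_build(build) < parse_build(fixed)


def check_installed(version: str) -> Optional[bool]:
    """Convenience wrapper for a combined string like '2018 R2 v12.1a'."""
    m = _INSTALLED_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Siveillance VMS version: {version!r}")
    return is_affected(m.group(1), m.group(2))


def triage(inventory: Dict[str, str]) -> List[str]:
    """Return the hostnames whose installed version is still affected."""
    return [host for host, ver in inventory.items() if check_installed(ver) is True]


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are hypothetical).
    sample_inventory = {
        "vms-site-a": "2018 R2 v12.1a",   # older than fixed v12.2a -> affected
        "vms-site-b": "2019 R1 v13.1a",   # exactly the fixed build -> not affected
        "vms-lab":    "2017 R2 v11.2",    # no suffix, so older than v11.2a -> affected
    }
    for host in triage(sample_inventory):
        print(f"{host}: update required ({sample_inventory[host]})")
```

A `None` result means the train is not one the advisory lists, which should be reviewed by hand rather than treated as safe.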

Siemens also recommends applying the following specific mitigation to reduce risk: Block Port 80/TCP at an external firewall.

For more information see Siemens security advisory SSA-212009.
