Siemens Clears Viewport Vulnerability

Thursday, June 29, 2017 @ 03:06 PM gHale

Siemens revised its software to mitigate an improper authentication vulnerability in its Viewport for Web Office portal, according to a report with ICS-CERT.

ViewPort for Web Office Portal: versions prior to revision number 1453 suffer from the remotely exploitable vulnerability, discovered by Hannes Trunde from Kapsch BusinessCom AG who reported it directly to Siemens.

Successful exploitation of this vulnerability could allow a remote attacker to upload and execute arbitrary code.

No known public exploits specifically target this vulnerability. However, an attacker with a low skill level would be able to leverage the vulnerability.

An unauthenticated remote attacker may be able to use specially crafted network packets to upload arbitrary code to Port 443/TCP or Port 80/TCP and execute it with the permissions of the operating system user.

CVE-2017-6869 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

The product sees use mainly in the energy sector on a global basis.

Siemens released software revision number 1453 for ViewPort for Web Office Portal to address the vulnerability. The company recommends users update to the fixed version. This new version can be obtained by emailing Siemens Energy Customer Support Center.

Munich, Germany-based Siemens recommends the following mitigations until users can apply the patches:
• Protect access to Port 443/TCP and Port 80/TCP of the affected product with appropriate measures
• Disable Port 80/TCP and use TLS client certificates (PKI) to access Port 443/TCP
• Apply Defense-in-Depth
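
One way to confirm the port-related mitigations took effect on a portal host you operate, as an added example that is not from Siemens or ICS-CERT: it checks whether 80/TCP still accepts connections and whether 443/TCP answers a request sent without a client certificate. The function names and result strings are assumptions made for this sketch.

```python
import socket
import ssl
import sys


def tcp_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port is accepted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def tls_without_client_cert(host, port=443, timeout=3.0):
    """Send an HTTPS request while presenting no client certificate.

    'served'      -> the server answered, so TLS did not demand a client cert
    'rejected'    -> handshake or first read failed or timed out
                     (TLS 1.3 servers reject only after the handshake)
    'unreachable' -> no TCP connection
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # server identity is not what is being tested
    ctx.verify_mode = ssl.CERT_NONE
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(b"HEAD / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
            return "served" if tls.recv(1) else "rejected"
    except OSError:                  # ssl.SSLError, resets and timeouts are all OSError
        return "rejected"
    finally:
        raw.close()


def audit(host, tcp_probe=tcp_open, tls_probe=tls_without_client_cert):
    """Compare one host you operate against the interim mitigations; return findings."""
    findings = []
    if tcp_probe(host, 80):
        findings.append("80/TCP accepts connections; the mitigation is to disable it")
    if tls_probe(host, 443) == "served":
        findings.append("443/TCP answered a request sent without a client certificate")
    return findings


if __name__ == "__main__" and len(sys.argv) == 2:
    print("\n".join(audit(sys.argv[1])) or "no findings")
```

An empty result only shows the two port settings are in place; the fix itself remains the update to revision 1453.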

For more information on this vulnerability and more detailed mitigation instructions, click on Siemens Security Advisory SSA-545214.
