Siemens has patched a web vulnerability in its SIMATIC PLC family of products that could have led unsuspecting users to malicious sites.
According to an advisory on the Industrial Control Systems Cyber Emergency Response Team‘s (ICS-CERT) site Thursday, the bug was an open redirect vulnerability that could have been exploited remotely.
A condition in the web server on affected devices could enable an attacker to redirect users to untrusted websites if they went ahead and clicked through a malicious link.
In particular the bug affects all versions prior to V4.1 of the SIMATIC S7-1200 CPU family, a product primarily designed for use in industrial control systems across the chemical, manufacturing, food, and agriculture sectors.
Hendrik Schwartke, Ralf Spenneberg, and Maik Bruggemann, developers at OpenSource Training, a German support and consulting group, dug up the vulnerabilities and responsibly coordinated disclosure with Siemens.
While Siemens reports that there currently aren’t any public exploits for this vulnerability, the German company pushed a firmware fix – release V4.1 [1] – for it on Wednesday and ICS-CERT encouraged users yesterday to deploy the patch.
It’s the fourth vulnerability Siemens has patched in its family of SCADA devices in 2015. Over the last three weeks the company has patched a denial of service vulnerability in some switches, an NTP vulnerability in a VPN service and a privilege escalation vulnerability in a SIMATIC iOS app it makes.