Siemens Patches Five Vulnerabilities in SIMATIC System

Siemens released an update for two builds of its SIMATIC automation system this week, addressing a quintet of issues, four of which are remotely exploitable.

The German company’s SIMATIC WinCC, a SCADA system, and SIMATIC PCS7, a distributed control system (DCS), are directly affected by the issues, according to an advisory from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) on Thursday.

Specifically, the problems could result in privilege escalation or help an attacker gain unauthorized access to sensitive data if they used a maliciously crafted HTTP request.

All of the vulnerabilities are remotely exploitable, save for one particular problem with access permissions on WinCC, which an attacker would need local access to the system to exploit.

Siemens technically fixed all of the vulnerabilities in WinCC V7.3, released this week, but PCS7 users will have to wait several months for the next version (V8.1) to incorporate the fixes from the new WinCC version.

While there are no publicly known exploits targeting these vulnerabilities, the company is still encouraging anyone running any versions of V7.3 and before to update as soon as possible. Until the next version of PCS7 is out, the company has a list of things users can do in the meantime to mitigate these problems.

ICS-CERT also points out that the most recent build of WinCC introduces something the company is calling “Encrypted Communications,” which it claims will add an ‘extra layer of security to protect the server’s communication.’

Siemens is still working on a complete set of patches to remedy four critical vulnerabilities in the way it implements OpenSSL in its libraries. The company reported last week that it was prepping updates for the flaws, currently being exploited in the wild, that affect half a dozen of its products.

The OpenSSL vulnerabilities in products like APE and WinCC OA were patched on Wednesday, but the company is still working on patches for ROX 1, ROX 2, S7-1500, and CP1543-1.

All of the systems are used primarily throughout the industrial control systems sector to regulate infrastructure belonging to water, wastewater, oil, gas and chemical plants.