Enterprise network management equipment made by Siemens suffers from vulnerabilities that could allow an attacker to perform administrative actions.
Two flaws, a cross-site scripting (XSS) vulnerability and a cross-site request forgery (CSRF) vulnerability, exist in the company’s RUGGEDCOM NMS line of network management products.
The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) warned the vulnerabilities are remotely exploitable and would take a low skill level to exploit in an advisory published on Tuesday.
ICS-CERT issued advisory ICSA-17-059-01 Siemens RUGGEDCOM NMS to ICS-CERT web site – https://t.co/1hWshCOkJz
— ICS-CERT (@ICSCERT) February 28, 2017
The equipment, deployed worldwide, is used for monitoring and maintaining networks, primarily in the energy, healthcare, and transportation industry, which use Siemens’ RUGGEDCOM family of software.
All versions of the software, Windows and Linux, prior to V2.1.0, are vulnerable, according to the advisory.
The CSRF vulnerability is the more pressing of the two, according to ICS-CERT. The vulnerability, which received a CVSS score of 8.8, could result in the direct execution of “administrative operations,” provided the victim has an active session and can be tricked into triggering a malicious request. The XSS vulnerability, which garnered a CVSS score of 6.3, is less serious but could still result in the “acquisition of administrative permissions” by a non-privileged user, according to the team.
Siemens is encouraging users of the products to update to the most recent RUGGEDCOM version, RUGGEDCOM NMS V2.1.0, which fixes the issues.
It’s the second advisory that ICS-CERT has issued for a Siemens product so far this year.
Earlier this month, on Valentine’s Day, ICS-CERT warned that a handful of devices that use Siemens’ SIMATIC Logon software were vulnerable to an authentication bypass. If exploited, an attacker could have bypassed application-level user authentication on the devices. Siemens released a new version of SIMATIC Logon to rectify the problem.