Yesterday the DHS ICS-CERT published a new control system security advisory for products from Siemens. Two recently published Siemens updates have yet to be reported by ICS-CERT
Siemens SCALANCE Advisory
This advisory describes a web security vulnerability in the Siemens SCALANCE M-800 and S615 modules. The vulnerability was reported by Alexander Van Maele and Tijl Deneut from HOWEST (University College West Flanders). Siemens has produced a new firmware version, but there is no indication that the researchers were provided an opportunity to verify the efficacy of the fix.
ICS-CERT reports that the vulnerability is remotely exploitable, but that it would be difficult to develop an exploit that could allow an attacker in a privileged network position to obtain web session cookies under certain circumstances. The Siemens Security Advisory explains that an attacker would have to be in a privileged network position to obtain web session cookies under certain circumstances.
This vulnerability was publicly reported by Siemens last Thursday.
Recent Siemens Updates
Last week on the same day that Siemens announced their update for the vulnerabilities described above they also announced an update for their glibc vulnerability that ICS-CERT reported on in July. I had expected to see the ICS-CERT update their advisory yesterday.
Yesterday Siemens announced an additional update on multiple vulnerabilities in their SIMATIC WinCC, PCS 7 and WinCC Runtime Professional products. ICS-CERT initially reported on these vulnerabilities in April and updated the report in June and again in July. With this only being publicly reported by Siemens yesterday, it was probably too much to expect that ICS-CERT would also be updating their advisory on the same day.
Hopefully we will be seeing ICS-CERT updating these two advisories in the coming days.