Earlier this week (still getting caught up) the DHS ICS-CERT
published two advisories for control system vulnerabilities in Siemens
products. One was for a new denial of service attack vulnerability in the
Simatic S7-1500 CPU and the other was an update of an earlier HeartBleed
advisory.
S7-1500 Advisory
This advisory
addresses a vulnerability in the handling of specially crafted TCP packets that
could cause the CPU to restart and hold in STOP mode, which would require a
manual reset. It was originally reported by Arnaud Ebalard from Agence
Nationale de la Sécurité des Systèmes d’Information (ANSSI) in a coordinated
disclosure.
Siemens has produced a firmware update that mitigates the
vulnerability. There is no indication that Ebalard has been given the
opportunity to verify the efficacy of the fix.
ICS-CERT reports that a moderately skilled attacker could
remotely exploit this vulnerability. The Siemens Product-CERT
advisory clarifies that network access is required to exploit the
vulnerability.
OpenSSL Update
This advisory updates the Siemens HeartBleed Advisory originally
issued on July 17th and previously
updated on July 23rd. The new update:
• Provides affected version information not previously provided for the S7-1500 product;
• Provides a link to the newly available S7-1500; and
• Removes the alternative mitigation measures previously provided for the S7-1500.
The Siemens Product-CERT advisory was also updated.
NOTE: Siemens reports that they are continuing to work on HeartBleed fixes for their ROX 1, ROX 2, and CP1543-1 products.