Thursday, March 8, 2018

ICS-CERT Publishes Two Siemens Advisories


Today the DHS ICS-CERT published two control system security advisories for products from Siemens.

SIPROTEC Advisory 1


This advisory describes two vulnerabilities in the Siemens SIPROTEC 4, SIPROTEC Compact, DIGSI 4, and EN100 Ethernet module. The vulnerabilities were reported by Ilya Karpov and Dmitry Sklyarov from Positive Technologies. Siemens has provided updates for a number of the affected products to mitigate the vulnerabilities. There is no indication that the security researchers have been provided an opportunity to verity the efficacy of the fix. The Siemens security advisory provides a generic work around for the systems for which updates have yet to be provided.

The two reported vulnerabilities are:

• Missing authentication for critical function - CVE-2018-4840; and
Inadequate encryption strength - CVE-2018-4839

ICS-CERT reports that a relatively low-skilled attacker could remotely exploit these vulnerabilities to upload a modified device configuration that could overwrite access authorization passwords, or allow an attacker to capture certain network traffic that could contain authorization passwords.

SIPROTEC Advisory 2


This advisory describes a missing authentication vulnerability in the Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices using the EN100 Ethernet communication module extension. The vulnerabilities were reported by Ilya Karpov and Alexey Stennikov from Positive Technologies. Siemens has developed a new version for one of the affected products to mitigate the vulnerability, and generic workarounds that can be used while Siemens develops the remainder of the updates. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

ICS-CERT reports that a relatively low skilled attacker could remotely exploit the vulnerability to either upgrade or downgrade the firmware of the device, including downgrading to older versions with known vulnerabilities.

No comments:

 
/* Use this with templates/template-twocol.html */