Siemens and Schneider Electric issue fixes for ICS systems
Take action: Updates to ICS systems - as usual, never easy and with a lot of pushback. But since the vendors are fixing issues regularly, you need to assess risk and apply patches regularly. Even if it's a closed isolated network.
Learn More
Siemens and Schneider Electric jointly issued nine new security advisories, aiming to address a total of 50 vulnerabilities that affect their respective industrial products.
t is important to note that both Schneider Electric and Siemens Energy confirmed being targeted by the Cl0p ransomware group.
Siemens specifically released five advisories, notifying its customers about the availability of patches to mitigate more than 40 vulnerabilities across various systems.
- Critical and high-severity issues in the Simatic CN 4100 communication system. The critical vulnerability could be exploited by an attacker to gain administrative access and achieve complete control over the targeted device. Another high-severity bug was resolved, which allowed bypassing network isolation.
- Ruggedcom ROX products, Siemens addressed 21 vulnerabilities. These vulnerabilities encompassed a range of risks, such as information disclosure, arbitrary command or code execution, denial-of-service (DoS) conditions, and arbitrary actions through Cross-Site Request Forgery (CSRF) attacks. Most of these vulnerabilities were classified as critical or high severity and affected third-party components.
- Simatic MV500 optical readers fix critical and high-severity vulnerabilities. The patches addressed issues found in the web server and third-party components of the readers. Exploiting these vulnerabilities could lead to DoS attacks or information disclosure.
- Tecnomatix Plant Simulation software receive fixes for six high severity issues. These vulnerabilities had the potential to crash the application or allow an attacker to execute arbitrary code by tricking the targeted user into opening specially crafted files.
- Lastly, Siemens addressed a high-severity DoS vulnerability in the SiPass access control system, providing a fix to mitigate the issue.
Schneider Electric released four advisories:
- Codesys runtime system V3 communication server. The vulnerabilities associated with the Codesys runtime system V3 impacted multiple Schneider Electric products, including PacDrive and Modicon controllers, Harmony HMIs, and the SoftSPS simulation runtime embedded in EcoStruxure Machine Expert. Exploiting these security holes had the potential to result in DoS attacks and, in some cases, remote code execution.
- StruxureWare Data Center Expert (DCE) monitoring software, where they resolved two high-severity and two medium-severity vulnerabilities. These vulnerabilities, if successfully exploited, could lead to unauthorized access or remote code execution, posing significant risks to the integrity and security of the monitored data center.
- Accutech Manager application for sensors, preventing potential attackers from leveraging the vulnerability to disrupt the system through DoS attacks.
- Resolved a medium-severity vulnerability related to information disclosure in the EcoStruxure OPC UA Server Expert product, ensuring the confidentiality of sensitive data.
