Advisory

Siemens Patches Multiple Vulnerabilities In A8000 Automation Device

Take action: However tedious and difficult it is, and however isolated you think your OT network is, plan to patch your A8000 PCBs, because you can be certain that someone somewhere will expose them to the internet simply because it's easy to manage them remotely. It doesn't help that there's a public exploit PoC that can be used as a blueprint for malicious exploits.


Learn More

Siemens has addressed a series of vulnerabilities that security researchers discovered in its A8000 PLC automation device. These vulnerabilities, which include a critical flaw enabling code execution, could be exploited remotely by an unauthorized individual without authentication.

The Siemens A8000 is an essential modular telecontrol and automation device used in energy supply for a wide range of applications, and it is widespread in the energy sector. The device plays a crucial role in grid optimization. If successfully exploited, the vulnerabilities could disrupt power supply and have a cascading impact on critical infrastructure.

The research unveiled four distinct vulnerabilities affecting the Siemens A8000 CP-8050 and CP-8031 PLCs:

  • CVE-2023-28489, classified as critical with a CVSS severity score of 9.8, could be leveraged by an attacker without authentication, who could send maliciously crafted HTTP requests to port 80/443 of the PLC.
  • CVE-2023-33919, rated as high severity with a CVSS score of 7.2, is a result of inadequate server-side input sanitization, allowing an authenticated adversary to execute arbitrary commands on the target PLC with root privileges.
  • CVE-2023-33920, with a CVSS score of 6.8, was attributed to a hardcoded root password.
  • CVE-2023-33921, also with a CVSS score of 6.8, concerns the exposed UART interface, which grants access to an attacker physically present near the PCB.

By exploiting the last two vulnerabilities in combination, an adversary could potentially gain root access to the UART interface.

Upon being informed of these vulnerabilities in March 2023, Siemens engaged with the researchers and began working on solutions.

Siemens released patches and fixes for the remaining three vulnerabilities in June. The security researchers publicly shared comprehensive details, including proofs of concept (PoCs), for all four vulnerabilities in their advisory.

To ensure the protection of their devices, users are strongly advised to update their Siemens A8000 devices to CPCI85 V05 or later, as these versions incorporate the necessary patches to mitigate the identified vulnerabilities.
