News

Siemens reported on a number of vulnerabilities in SINAMICS and SCALANCE

Siemens has fixed security issues in its SINAMICS and SCALANCE products.

SINAMICS series products are frequency converters used in critical infrastructure enterprises, including in the chemical, electric power, transport and food industries, as well as in healthcare and social services.

An unsupervised resource consumption vulnerability in SINAMICS could allow an attacker to cause a denial of service. The problem affects the device’s web server and allows it to reboot.

“In order to carry out an attack, an attacker must have access to a vulnerable product through the network. Elevated privileges or user participation are not required”, – Siemens security experts indicate.

The vulnerability received the identifier CVE-2019-6568 and a rating of 7.5 out of 10 for the CVSS v3 vulnerability assessment system. The problem has been fixed in SINAMICS v4.8 SP2 HF9.

SCALANCE managed switches are used in chemical, power and food industries, as well as in water treatment systems.

Read also: The researcher carried out an attack on the front-end-backend systems, allowing invasion into third-party requests

CVE-2019-10927: Allows an authorized attacker with access to port 22 / TCP on a vulnerable device to cause a denial of service. To carry out the attack, participation by the user is not required. According to the CVSS v3 vulnerability assessment system, the problem was rated 6.5 out of 10.

CVE-2019-10928: Allows an authorized attacker with access to port 22 / TCP and physical access to the device to execute arbitrary commands. According to the CVSS v3 vulnerability assessment system, the problem was rated 6.6 out of 10.

Currently, Siemens has released an update only for the SCALANCE SC-600 (version 2.0.1). As a precaution, the company recommends that users disable port 22 / TCP, restrict physical access to vulnerable devices, and use the built-in firewall in the SCALANCE SC-600.

Previously, Siemens also fixed a vulnerability in Siemens SCALANCE X managed switches.

Mitigations for SINAMICS

Siemens recommends users update to v4.8 SP2 HF9. The update can be obtained from a Siemens representative or via Siemens customer service.

Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:

  1. Restrict network access to the integrated webserver.
  2. Deactivate the webserver if not required, and if deactivation is supported by the product. For SINAMICS products, webserver may be deactivated with parameter P8986 = 0
As a general security measure, Siemens strongly recommends users protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends users configure the environment according to Siemens’ operational guidelines for industrial security, and follow the recommendations in the product manuals.

William Reddy

I am from Ireland. My parents bought me a computer when I was 11, and several month after I have got a virus on this PC. I decided to enter the INSA Centre Val de Loire university after being graduated from the school. This French educational institution was offering a brand-new cybersecurity course. After getting the master degree in cybersecurity, I've started working in as virus analyst in a little anti-malware vendor. In 2018, I've decided to start Virus Removal project. The main target of this site is to help people to deal with PC viruses of any kind.

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

Back to top button