Multiple Siemens Product Vulnerability Alert
Recently, Siemens officially issued a notice to fix various levels of security vulnerabilities in its various products. The affected products include SIMATIC WinCC OA, Spectrum Power, RUGGEDCOM RXO II and so on. It contains 2 vulnerabilities with a CVSS 3.0 score of 10 points.
SIMATIC WinCC OA Remote Code Execution Vulnerability – CVE-2018-3991
A vulnerability affecting SIMATIC WinCC OA CVE-2018-3991 was caused by improper access control of the 22347/TCP port. Successful exploitation of this vulnerability could lead to a heap overflow, which could lead to potential remote code execution.
CVSS v3.0 Base Score 10.0
- Affected version:
- SIMATIC WinCC OA Version 3.14 < P025
- SIMATIC WinCC OA Version 3.15 < P018
- SIMATIC WinCC OA Version 3.16 < P007
- Unaffected version:
- SIMATIC WinCC OA Version 3.14 PO25
- SIMATIC WinCC OA Version 3.15 PO18
- SIMATIC WinCC OA Version 3.16 P007
Solution
The official patch has been released by Siemens to fix the above vulnerability.
CVE-2019-6579: Spectrum Power 4.7 Command Injection Vulnerability
An attacker with network access on port 80/TCP or 443/TCP can execute system commands with administrative privileges.
CVSS v3.0 Base Score 10.0
- Affected version:
- Spectrum Power 4 with Web Office Portal is affected
Solution
Siemens provides repair updates for affected products.
CVE-2018-5379: RUGGEDCOM ROX II
The release version of the Quagga BGP daemon (bgpd) doubles the memory when processing some form of an UPDATE message (including cluster lists and/or unknown attributes). A successful attack can result in a denial of service or may allow an attacker to execute arbitrary code.
CVSS v3.0 Base Score 9.8
- Affected version:
- RUGGEDCOM ROX II version < V2.13.0
- Unaffected version:
- RUGGEDCOM ROX II version V2.13.0
Solution
Siemens provides repair updates for affected products.