Siemens Patches WinCC Vulnerabilities Likely Being Exploited

  • 26 November 2014
  • 1 reply
  • 575 views

Userlevel 7
Badge +54
by Michael Mimoso      November 26, 2014

Global industrial supplier Siemens has patched two critical vulnerabilities that it believes are likely being exploited.

Organizations running products using the Siemens WinCC application are urged to apply available patches immediately; the company said it is working on updates for any remaining affected products.

An advisory from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) identified the affected products:
 
  • SIMANTIC WinCC: V7.0 SP2 and earlier: All versions; V7.0 SP3 and earlier: All versions; V7.2: All versions prior to V7.2 Update 9; and V7.3: All versions prior to V7.3 Update 2.
  • SIMANTIC PCS7: V7.1 SP4 and earlier: All versions; V8.0: All versions prior to V8.0 SP2 with WinCC V7.2 Update 9; and V8.1: All versions with WinCC V7.3 prior to V8.1 Update 2.
  • TIA Portal V13 (including WinCC Professional Runtime): All versions prior to V13 Update 6.
Full Article

1 reply

Userlevel 7
Badge +54
A bit more info on the topic.
 
Posted on 28 November 2014.Siemens has released an out-of-band update for the SIMANTIC WinCC SCADA system, which is integrated in its PCS7 distributed control system and its TIA Portal, engineering software for SIMATIC products that is deployed across several industrial sectors primarily in the US and Europe.

The update solves two critical bugs: CVE-2014-8551, which could allow remote code execution for unauthenticated users if specially crafted packets are sent to the WinCC server, and CVE-2014-8552, which could allow unauthenticated users to extract arbitrary files from the WinCC server (also via a specially crafted packet). 
Full Article

Reply