Siemens fixed multiple DoS flaws in several products

Siemens issued Patch Tuesday updates for February 2020 that fixed serious denial-of-service (DoS) flaws in several of its products.

Siemens released Patch Tuesday updates for February 2020 that address serious denial-of-service (DoS) flaws in several of its products.

According to the advisories released by the vendor, a high-severity DoS flaw affects Siemens SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC products.

“A Denial-of-Service vulnerability was found in SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC software when encrypted communication is enabled.” reads the security advisory published by Siemens. “The vulnerability could allow an attacker with network access to cause a Denial-of-Service condition under certain circumstances (versions prior to SIMATIC WinCC V7.3 or SIMATIC PCS 7 V8.1 are not affected as encrypted communication is not an option).”

The flaw could be exploited if encrypted communication is enabled by sending specially crafted messages to the vulnerable system over the network. An attacker could exploit the issue without system privileges or user interaction. The flaw, tracked with the ID SSA-270778 received a CVSS score of 7.5.

Siemens addressed another DoS vulnerability that affects some SIMATIC S7 CPUs. The vulnerability can be exploited by an unauthenticated attacker by sending specially crafted HTTP requests to TCP ports 80 or 443.

Siemens fixed a DoS flaw that resides in many of its products using Profinet-IO (PNIO) stack versions prior to 06.00.

Siemens fixed two of the flaws in several industrial products, both are related to the handling of SNMP messages.

Siemens also fixed an issue in its S7-1500 CPUs which can be exploited by sending specially crafted UDP packets to a device.

The complete list of DoS vulnerabilities addressed by the IT vendor is reported in the advisories published by the company.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ICS, DoS)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.