SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-798604097] Siemens SIMATIC PCS 7

Date: 2017-11-02
Type: Other
Platform: Siemens
Author: Sergey Temnikov and Vladimir Dashchenko of Kaspersky Labs reported the vulnerability to Siemens.
EDB-ID: N/A
CVE-ID: CVE-2017-1402
OSVDB-ID: N/A
Download App: N/A
SIS Signature: N/A

Source

#
# Siemens SIMATIC PCS 7
#


### VULNERABLE VENDOR
Siemens


### VULNERABLE PRODUCT
SIMATIC PCS 7



### RESEARCHER
Sergey Temnikov and Vladimir Dashchenko of Kaspersky Labs reported the vulnerability to Siemens.



### AFFECTED PRODUCTS

The following versions of SIMATIC PCS 7, a distributed control system, are affected:

V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and
V8.2 all versions.



### IMPACT

Successful exploitation of this vulnerability could allow a remote authenticated attacker to crash services on the devices.



### VULNERABILITY OVERVIEW

IMPROPER INPUT VALIDATION CWE-20
An improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.
CVE-2017-14023 has been assigned to this vulnerability.
A CVSS v3 base score of 4.9 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).





### BACKGROUND

Critical Infrastructure Sectors: Chemical, Energy, Food and Agriculture, and Water and Wastewater Systems
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Germany




### MITIGATION

Siemens has released the following updates:

V8.1: Update to V8.1 SP1 with WinCC V7.3 Upd 13 which can be obtained from:

https://support.industry.siemens.com/cs/ww/en/view/109746452


Siemens is currently working on updates for the remaining affected versions and recommends that affected users:

Apply cell protection concept,
Use VPN for protecting network communication between cells, and
Apply Defense-in-Depth.

Siemens also strongly recommends that users protect network access to the SIMATIC PCS 7 with appropriate mechanisms by configuring the environment according to operation guidelines that can be found at:

https://support.industry.siemens.com/cs/ww/en/view/60119725

For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-523365 at the following location:

http://www.siemens.com/cert/en/cert-security-advisories.htm