Siemens produced a new version that fixes a denial-of-service vulnerability (DoS) in SIMATIC NET PC-Software, according to a report with ICS-CERT.
Vladimir Dashchenko and Sergey Temnikov from Kaspersky Labs reported this remote exploitable vulnerability directly to Siemens.
SIMATIC NET PC-Software: All versions prior to V13 SP2 suffer from the issue.
A successful exploit of this vulnerability could cause a DoS condition that would require a manual restart to recover.
Siemens is a multinational company headquartered in Munich, Germany.
The affected product, the Siemens SIMATIC NET PC-Software, communicates between controllers (PLCs) and PC-based solutions (HMIs). The SIMATIC NET PC-Software sees use across several sectors including chemical, critical manufacturing, and food and agriculture. Siemens said this product sees use on a global basis.
Specially crafted packets sent to several ports (Port 55101/TCP through Port 55105/TCP, Port 4845/TCP, and Port 4847/TCP through Port 4850/TCP) could cause a denial-of-service of the OPC-Unified Architecture (UA) service. A manual restart of the service would end up required to recover the system.
CVE-2016-5874 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.
No known public exploits specifically target this vulnerability. However, an attacker with a low skill would be able to exploit this vulnerability.
Siemens provides SIMATIC NET PC-Software V13 SP2, which fixes the vulnerability, and recommends users upgrade to the new version. SIMATIC NET PC-Software V13 SP2 can end up obtained by contacting your local Siemens representative or customer support.
If OPC-UA is not required, Siemens recommends deactivating these in the communication settings according to the information in the respective product manual.
As a general security measure, Siemens recommends protecting network access to SIMATIC NET PC-Software services with appropriate mechanisms. It is advised to configure the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment.
For more information on this vulnerability and detailed instructions, please see Siemens Security Advisory SSA-453276.