Siemens has an update available to mitigate an improper access control vulnerability in its SIMATIC WinCC OA, according to a report with NCCIC.

Successful exploitation of this remotely exploitable vulnerability, which Siemens self-reported, could allow an unauthenticated remote user to escalate their privileges in the context of the program.

TD Keypad Designer Mitigation Plan
Fuji Electric Clears V-Server Lite Hole
Fuji Electric Fixes V-Server Software
Ice Qube Clears Thermal Management Center Holes

A client-server HMI, SIMATIC WinCC OA Version 3.14 and prior suffer from the vulnerability.

Improper access control over Port 5678/TCP could allow an unauthenticated remote user to escalate privileges in the context of SIMATIC WinCC OA.

Schneider Bold

CVE-2018-13799 is the case number assigned to this vulnerability, with a CVSS v3 base score of 9.1.

The product sees use in the chemical, energy, food and agriculture, and water and wastewater systems sectors. The product sees action on a global basis.

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.

Siemens recommends updating to SIMATIC WinCC OA v3.14-P021. (Login Required)

Siemens also recommends the following manual mitigations to reduce risk:
• Follow the steps found at the following link to manually remediate the vulnerability (Login Required)
• Follow the SIMATIC WinCC OA Security Guideline for maintaining a secured SIMATIC WinCC OA environment (Login Required)
• Apply Defense-in-Depth

For more information, see Siemens Security Advisory SSA-346256.

Pin It on Pinterest

Share This