Siemens has an update available to handle a denial of service (DoS) vulnerability in its SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II, according to a report from Siemens ProductCERT.

The product contains a denial-of-service vulnerability within the Parameter Read/Write over Fieldbus network functionality.

An attacker with access to the Fieldbus network could cause a DoS condition by sending specially crafted packets. Parameter Read/Write over the Fieldbus network is disabled by default, and the functionality must be specifically enabled to expose this vulnerability.

The SINAMICS Perfect Harmony GH180 medium voltage converter family is used to control a wide variety of medium voltage converters or inverters in different applications.

The following products suffer from the vulnerability:
• SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2, 6SR3, 6SR4, all versions with option G21, G22, G23, G26, G28, G31, G32, G38, G43 or G46
• SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2, 6SR3, 6SR4, all versions with option G21, G22, G23, G26, G28, G31, G32, G38, G43 or G46

An improperly configured Parameter Read/Write execution via the Fieldbus network may cause the controller to restart.

The vulnerability could be exploited by an attacker with network access to the device. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the affected system.

At the time of advisory publication, no public exploitation of this security vulnerability was known.

The vulnerability is tracked as CVE-2019-6574 and has a CVSS base score of 7.5.

For both affected products, Siemens’ remediation is to upgrade to NXGpro control.

Siemens has identified the following specific workarounds and mitigations:
• Disable the Fieldbus Parameter Read/Write functionality
• Apply cell protection concept and implement Defense-in-Depth
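
The affected-product criteria and the default-disabled setting above can be turned into an inventory triage. The following is an added example, not code from Siemens or from this article; the CSV column names, the `param_rw_enabled` field and the MLFB suffixes in the sample are constructed assumptions.

```python
import csv
import io
import re

# Affected criteria as listed in the advisory summary above.
AFFECTED_MLFB_PREFIXES = ("6SR2", "6SR3", "6SR4")
AFFECTED_CONTROLS = {"NXGI", "NXGII"}  # NXGpro is the remediation target
AFFECTED_OPTIONS = {"G21", "G22", "G23", "G26", "G28",
                    "G31", "G32", "G38", "G43", "G46"}

# Constructed sample inventory; columns and MLFB suffixes are assumptions.
SAMPLE_INVENTORY = """asset,mlfb,control,options,param_rw_enabled
pump-drive-01,6SR4-EXAMPLE-A,NXG II,G21+G28,yes
fan-drive-02,6sr3-example-b,nxg i,G43,no
mill-drive-03,6SR4-EXAMPLE-C,NXGpro,G21,yes
conv-drive-04,6SR2-EXAMPLE-D,NXG II,K50,yes
test-drive-05,6SR3-EXAMPLE-E,NXG I,G46,
"""

def triage(row):
    """Classify one inventory row against the advisory's criteria."""
    mlfb = row["mlfb"].strip().upper()
    # Normalise "NXG II", "nxg-ii", "NXG_II" to "NXGII".
    control = re.sub(r"[\s_-]+", "", row["control"]).upper()
    options = set(re.findall(r"\bG\d{2}\b", row["options"].upper()))
    if not (mlfb.startswith(AFFECTED_MLFB_PREFIXES)
            and control in AFFECTED_CONTROLS
            and options & AFFECTED_OPTIONS):
        return "not-affected"
    state = row["param_rw_enabled"].strip().lower()
    if state in ("no", "false", "0"):
        return "affected-feature-disabled"
    if state in ("yes", "true", "1"):
        return "affected-exposed"
    # Disabled is the default, but an unrecorded setting must be checked on the drive.
    return "affected-verify-setting"

def triage_inventory(text):
    """Return {asset: status} for every row of a CSV inventory."""
    return {r["asset"]: triage(r) for r in csv.DictReader(io.StringIO(text))}

if __name__ == "__main__":
    for asset, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{asset:15} {status}")
```

Drives reported as `affected-exposed` are the ones where disabling Fieldbus Parameter Read/Write or upgrading to NXGpro control matters first.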

As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for Industrial Security and following the recommendations in the product manuals.
