
Siemens has a mitigation plan to handle multiple vulnerabilities in the WibuKey Digital Rights Management (DRM) solution, which affect SISHIP Automation Solutions, according to a report from Siemens ProductCERT.

Siemens recommends that users apply the updates to WibuKey Digital Rights Management (DRM) provided by WIBU SYSTEMS AG.


SISHIP Automation Solutions are SIMATIC PCS7-based solutions optimized for ship automation applications.

The vulnerabilities affect the following products:
• SISHIP EMCS, all versions
• SISHIP IMAC, all versions
• SISHIP IPMS, all versions


In one vulnerability, a specially crafted IRP (I/O request packet) can cause the driver to return uninitialized memory, resulting in kernel memory disclosure.

This vulnerability is tracked as CVE-2018-3989 and has a CVSS base score of 4.3.

In another vulnerability, a specially crafted IRP (I/O request packet) can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation.

This vulnerability is tracked as CVE-2018-3990 and has a CVSS base score of 9.3.

Also, a specially crafted TCP packet sent to port 22347/tcp can cause a heap overflow, potentially leading to remote code execution.

This vulnerability is tracked as CVE-2018-3991 and has a CVSS base score of 10.0.

For SISHIP EMCS, an updated software version for the solution, fixing the issue, is available. Customers are advised to contact Siemens customer support.

For SISHIP IMAC, an updated software version for the solution, fixing the issue, is available.

For SISHIP IPMS, an updated software version for the solution, fixing the issue, is available.

In addition, Siemens identified the following specific workarounds and mitigations: For CVE-2018-3991 the issue can be mitigated by blocking port 22347/tcp on an external firewall.
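To confirm that the firewall mitigation for CVE-2018-3991 is actually in effect, the following added example (not from Siemens or WIBU SYSTEMS) checks, from a machine outside the firewall, whether 22347/tcp still reaches each host. The function names and the exposed/review/blocked labels are assumptions made for this sketch; host addresses are supplied by the operator.

```python
import errno
import socket
import sys

WIBUKEY_PORT = 22347  # TCP port named in the advisory for CVE-2018-3991


def probe(host, port=WIBUKEY_PORT, timeout=3.0):
    """Classify one TCP connect attempt as open, closed, filtered or error."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"        # handshake completed: the service is reachable
    except ConnectionRefusedError:
        return "closed"      # a RST came back: nothing dropped the packet
    except socket.timeout:
        return "filtered"    # no answer at all, as with a firewall drop rule
    except OSError as exc:
        # ICMP unreachable (for example from a rejecting firewall)
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        return "error"       # name resolution failure or other local problem
    finally:
        sock.close()


def audit(hosts, port=WIBUKEY_PORT, timeout=3.0, prober=probe):
    """Return {host: verdict}, verdict being exposed, review, blocked or error."""
    verdict_for = {
        "open": "exposed",      # mitigation is not in place on this path
        "closed": "review",     # traffic got through, or the firewall answers with RST
        "filtered": "blocked",  # consistent with the port being blocked
        "error": "error",
    }
    return {h: verdict_for[prober(h, port, timeout)] for h in hosts}


def mitigation_holds(report):
    """True only when every host is blocked; review and error are not a pass."""
    return bool(report) and all(v == "blocked" for v in report.values())


if __name__ == "__main__":
    # Hosts come from the command line; none are built in.
    report = audit(sys.argv[1:])
    for host, verdict in sorted(report.items()):
        print(f"{host}:{WIBUKEY_PORT}/tcp {verdict}")
    sys.exit(0 if mitigation_holds(report) else 1)
```

A "review" result deserves attention: a refused connection means the probe was answered rather than dropped, so it does not by itself show that the firewall rule exists.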

As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for Industrial Security and following the recommendations in the product manuals.
