Siemens has an updated version to mitigate a missing authentication for critical function vulnerability in its TIM 1531 IRC, according to a report with ICS-CERT.
A communications module, the TIM 1531 IRC, all versions prior to v1.1 suffer from the remotely exploitable vulnerability, which Siemens self-reported.
Successful exploitation may cause the device to enter a denial-of-service condition, or allow the attacker to read and manipulate data and configuration settings of the affected device.
No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.
In the vulnerability, a remote attacker with network access to Port 80/TCP or Port 443/TCP could perform administrative operations on the device without prior authentication.
CVE-2018-4841 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.
The product sees use mainly in the chemical, critical manufacturing, and food and agriculture sectors. It also sees action on a global basis.
Siemens recommends updating to version 1.1 as soon as possible. Click here to view the update.
In addition, Siemens identified the following specific workaround and mitigation that users can apply to reduce the risk:
• Users can limit access to Port 80/TCP and Port 443/TCP in their network infrastructure (e.g., cell protection firewall or corporate firewall) to reduce the risk.
Siemens recommends users protect network access with appropriate mechanisms. Siemens also advises users follow recommendations in the product manuals and configure the operational environment according to Siemens’ Operational Guidelines for Industrial Security.
For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-110922.