Siemens has developed mitigations and workarounds for improper privilege management and cleartext transmission of sensitive information vulnerabilities in its SIMATIC Ident MV420 and MV440 families, according to a report with NCCIC.
Successful exploitation of these remotely exploitable vulnerabilities could allow a remote attacker to escalate privileges and view data transmitted between the device and the user. Siemens self-reported the vulnerabilities.
The following SIMATIC Ident families suffer from the issues:
• MV420: All versions
• MV440: All versions
In one vulnerability, an authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver.
CVE-2019-10925 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.1.
In addition, communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position.
CVE-2019-10926 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.
The product sees use mainly in the critical manufacturing sector and is used on a global basis.
No known public exploits specifically target these vulnerabilities. However, an attacker with a low skill level could leverage the vulnerabilities.
Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:
• By setting the DISA bit, changes to the project by logged-in users can be prevented. See the operating instructions for more details.
• Protect network access to affected devices.
For more information, see Siemens security advisory SSA-816980.