Siemens has a new version to mitigate an improper authentication vulnerability in its SIMATIC IT Production Suite, according to a report with NCCIC.
Successful exploitation of this remotely exploitable vulnerability, which Siemens self-reported, could allow an attacker to compromise confidentiality, integrity and availability of the system.
Siemens reports this vulnerability affects the following products:
• SIMATIC IT LMS all versions
• SIMATIC IT Production Suite: Versions 7.1 prior to Version 7.1 Upd3
• SIMATIC IT UA Discrete Manufacturing versions prior to Version 2.4
In the vulnerability, an attacker with network access to the installation could bypass the application-level authentication.
CVE-2018-13804 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.7.
The product sees use mainly in the chemical, critical manufacturing, energy, food and agriculture, and water and wastewater systems sectors. It also sees action on a global basis.
No known public exploits specifically target this vulnerability. High skill level is needed to exploit.
Siemens provides updates to address this vulnerability in these products and recommends users update to the new version.
Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk: Restrict network access to affected installations.
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for industrial security, and following the recommendations in the product manuals.
Click here for additional information on industrial security by Siemens.
For more information on this vulnerability and associated software updates, please see Siemens’ security advisory SSA-886615.