Your one-stop web resource providing safety and security information to manufacturers

There is an update to the WIBU-SYSTEMS AG WibuKey Digital Rights Management (DRM) vulnerabilities released last month that can lead to an information exposure, out-of-bounds write, and a heap-based buffer overflow, according to a report with NCCIC.

Successful exploitation of these remotely exploitable vulnerabilities, which Siemens discovered, may allow information disclosure, privilege escalation, or remote code execution. Public exploits are available. On top of that, an attacker with low skill level could leverage the vulnerabilities.

RELATED STORIES
Rockwell Patches RSLinx Classic Issue
PSI GridConnect has Fix for Telecontrol
Moxa Clears IKS, EDS Holes
WinCC OA Licensing Software Holes Filled

The following products are affected by vulnerabilities in WibuKey Digital Rights Management (DRM):
• Siemens SICAM 230: All Versions 7.20 and prior
• Siemens SIMATIC WinCC OA (3.14/3.15/3.16): All versions
• COPA-DATA zenon products: All Versions 7.20 and prior (7.50 and 7.60 may also be affected if WibuKey was installed manually)
• COPA-DATA straton workbench: All Versions 9.2 and prior
• Sprecher Automation SPRECON-V460 products: All Versions 7.20 and prior (7.50 and 7.60 may also be affected if WibuKey was installed manually)
• Phoenix Contact MEVIEW3: All versions prior to 3.14.25 and 3.15.18

In one vulnerability, a specially crafted IRP (I/O request packet) can cause the driver to return uninitialized memory, which may result in kernel memory disclosure.

Schneider Bold

CVE-2018-3989 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.3.

In addition, a specially crafted IRP (I/O request packet) can cause a buffer overflow resulting in kernel memory corruption, which may allow privilege escalation.

CVE-2018-3990 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.3.

Also, a specially crafted TCP packet sent to Port 22347/TCP can cause a heap overflow, which may lead to remote code execution.

CVE-2018-3991 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 10.0.

The products see use in the commercial facilities, communications, critical manufacturing, energy, financial services, healthcare and public health, and transportation systems sectors. They also see action on a global basis.

Click here for the updated Wibu Systems Software.

Siemens recommends users upgrade to WibuKey DRM Version 6.50 or newer for all affected Siemens products. Siemens also recommends mitigating CVE-2018-3991 by blocking Port 22347/TCP. For detailed information, see Siemens security advisories SSA-760124 and SSA-844562.

COPA-DATA recommends users upgrade WibuKey DRM to Version 6.50a or newer, restrict physical and network access, segment network traffic, ensure systems using WibuKey WkLAN Server are not external facing, and apply application whitelisting. For detailed information, see COPA_DATA’s security advisory.

Sprecher Automation recommends users upgrade WibuKey DRM to Version 6.50b or newer, restrict physical and network access, segment network traffic, ensure systems using WibuKey WkLAN Server are not external facing, and apply application whitelisting. For detailed information, see Sprecher Automation’s security advisory.

Phoenix Contact has calculated different CVSS vectors from those in the Vulnerability Overview section. See the Phoenix Contact or CERT@VDE advisory for details.

Phoenix Contact recommends those using dongle-based licensing to update to WibuKey Version 6.50 or newer. MEVIEW3 Versions 3.14.25 and 3.15.18 will include Version 6.50 of WibuKey. For those using hardware code-based licensing, Phoenix Contact recommends removing the WibuKey application. For detailed information, click on the Phoenix Contact MEVIEW3 security advisory.

CERT@VDE has also published an advisory for the Phoenix Contact MEVIEW3.

Pin It on Pinterest

Share This