Get in Touch
Siemens discloses two critical security flaws
Target Industry
Indiscriminate, opportunistic targeting.
Overview
Two critical-level security vulnerabilities have been discovered in the latest batch of Siemens security patches. The flaws, tracked as SSA-831302 and SSA-794697, have both been designated a CVSSv3 score of 9.8 and pertain to the BIOS of the SIMATIC S7-1500 TM MFP and the Linux Kernel of the SIMATIC S7-1500 TM MFP, respectively.
Impact
Successful exploitation of the vulnerabilities outlined in the advisories mentioned above could lead to a total loss of confidentiality, availability, and integrity of data with regards to the affected product versions.
Vulnerability Detection
No security updates have been released for these vulnerabilities. However, mitigation strategies have been put forward.
Affected Products
- SSA-831302: SIMATIC S7-1500 TM MFP – BIOS (all versions)
- SSA-794697: SIMATIC S7-1500 TM MFP – Linux Kernel (all versions)
Containment, Mitigations & Remediations
No security updates have been released for either SSA-831302 or SSA-794697. However, Siemens strongly recommends that users of both only build and run applications from trusted sources to reduce the risk of exploitation.
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are available currently.
Threat Landscape
Siemens occupies a significant portion of the build-automation market share. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, Siemens products have become a prime target. Due to the fact that these products have become an integral aspect of business operations, threat actors will continue to exploit vulnerabilities contained within these systems in an attempt to extract the sensitive information contained therein.
Threat Group
No attribution to specific threat actors or groups has been identified at the time of writing.
Further Information
