Get in Touch
Industry sectors and critical infrastructure such as the manufacturing, transportation and energy sectors.
Siemens has released seventeen new security advisories, five of which have been classified with a critical-severity level:
- SSA-968170 (CVSSv3 score: 10.0) – Remote Code Execution Vulnerability in SIMATIC STEP 7 V5.x and Derived Products
- SSA-794697 (CVSSv3 score: 9.8) – Vulnerabilities in the Linux Kernel of the SIMATIC S7-1500 TM MFP V1.0
- SSA-561322 (CVSSv3 score: 9.8) – Multiple Vulnerabilities in SIMATIC MV500 Devices before V3.3.
- SSA-313488 (CVSSv3 score: 9.9) – Multiple Vulnerabilities in SIMATIC CN 4100 before V2.50
- SSA-146325 (CVSSv3 score: 9.8) – Multiple Vulnerabilities in RUGGEDCOM ROX before V2.16
Successful exploitation of these vulnerabilities could lead to a total loss of confidentiality, availability, and integrity of data with regards to the affected product versions.
Security patches for these vulnerabilities have been released by Siemens. Previous product versions therefore remain vulnerable to potential exploitation.
- SSA-968170: SIMATIC STEP 7 V5.x and Derived Products
- SSA-794697: SIMATIC S7-1500 TM MFP V1.0
- SSA-561322: SIMATIC MV500 Devices before V3.3.
- SSA-313488: SIMATIC CN 4100 before V2.50
- SSA-146325: RUGGEDCOM ROX before V2.16
Containment, Mitigations & Remediations
It is strongly recommended that users of the affected product versions apply the relevant security patches, which can be found within the Siemens Security Advisory.
Indicators of Compromise
No specific Indicators of Compromise (IoC) are available currently.
Siemens occupies a significant portion of the build-automation market share. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, Siemens products have become a prime target. Due to the fact that these products have become an integral aspect of business operations, threat actors will continue to exploit vulnerabilities contained within these systems in an attempt to extract the sensitive information contained therein.
No attribution to specific threat actors or groups has been identified at the time of writing.
TA0002 – Execution