Multiple Siemens products have security issues; some of the patches have been released - vulnerability warning - the black bar safety net

ID MYHACK58:62201565068
Type myhack58
Reporter Anonymous
Modified 2015-07-25T00:00:00


Siemens recently released software and firmware security updates, saying that multiple products of the company have security issues, and users are advised to update as soon as possible.

According to announcements from ICS-CERT and Siemens, SIPROTEC 4 and SIPROTEC Compact devices are affected by a vulnerability that in some cases can be exploited for a DoS attack. These devices provide protection, control, measurement and automation functions for substations and other applications.

Vulnerability I: DoS vulnerability

An attacker can exploit CVE-2015-5374 by sending a specially crafted packet to port 50000/UDP of the device, remotely launching a DoS attack against it.

Affected versions
EN100 Ethernet module of SIPROTEC 4 and SIPROTEC Compact products: version 4.24 and earlier

Siemens has released a patch: in version 4.25, the EN100 Ethernet module no longer has this security risk.

Vulnerability II: Android application vulnerability

The second vulnerability can only be exploited locally and affects the SIMATIC WinCC Sm@rtClient Android applications. The Sm@rtClient app and the Sm@rtServer are designed to let users remotely operate and monitor SIMATIC human-machine interface systems from a mobile device. A security vulnerability was found that allows an attacker with local access to the Sm@rtClient application to steal the credentials used to log in to the Sm@rtServer.

Affected versions
SIMATIC WinCC Sm@rtClient for Android: all versions before the patched release
SIMATIC WinCC Sm@rtClient Lite for Android: all versions before the patched release

SIMATIC WinCC Sm@rtClient has been patched, and users are advised to update as soon as possible.

Vulnerability III: the POODLE vulnerability

RuggedCom devices running the ROS and ROX operating systems are exposed to the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack. POODLE allows a MiTM attacker to steal sensitive information from encrypted communication. An attacker can use this vulnerability to hijack the device's web session, access the device's management module, and even escalate user privileges.

Affected versions
ROS-based RuggedCom devices: versions before 4.2.0
ROX-based RuggedCom devices: versions before 2.6.3

Siemens has released the 4.2.0 update for ROS-based devices; ROX-based devices have not been updated yet, and security researchers are still working on a fix. In the meantime, users can disable the ROX II web interface and use the SSH command interface instead.
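
To check an asset inventory against the version thresholds listed above, the following sketch can be used. It is an added example, not Siemens or ICS-CERT tooling; the CSV layout, the family labels (EN100, ROS, ROX) and the host names are assumptions made for illustration.

```python
# Added example: triage an inventory against the versions in this advisory.
# The inventory format, family labels and host names are constructed.
import csv
import io

# family -> (first unaffected version, action). "4.24 and earlier" for the
# EN100 module is the same as "lower than 4.25".
ADVISORY = {
    "EN100": ((4, 25), "DoS via 50000/UDP (CVE-2015-5374): update to 4.25"),
    "ROS": ((4, 2, 0), "POODLE: update to 4.2.0"),
    "ROX": ((2, 6, 3), "POODLE: fix pending; disable ROX II web UI, use SSH"),
}

def parse_version(text):
    """Turn 'V4.24' or '4.2.0' into a tuple of ints for numeric comparison."""
    return tuple(int(part) for part in text.strip().lstrip("vV").split("."))

def is_affected(family, version):
    """True when the version is lower than the first unaffected version."""
    fixed = ADVISORY[family][0]
    have = parse_version(version)
    # Pad to equal length so that '4.2' is treated as '4.2.0', not as older.
    width = max(len(have), len(fixed))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(have) < pad(fixed)

def triage(inventory_csv):
    """Return (host, family, version, action) for every affected device."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        family = row["family"].strip().upper()
        if family in ADVISORY and is_affected(family, row["version"]):
            findings.append((row["host"], family, row["version"],
                             ADVISORY[family][1]))
    return findings

# Constructed sample inventory. Note 4.3 is older than 4.25 when compared
# numerically, although a plain string comparison would say otherwise.
SAMPLE_INVENTORY = """host,family,version
relay-01,EN100,4.24
relay-02,EN100,4.25
relay-03,EN100,4.3
switch-01,ROS,4.1.3
switch-02,ROS,4.2
router-01,ROX,2.6.2
hmi-01,OTHER,1.0
"""

if __name__ == "__main__":
    for host, family, version, action in triage(SAMPLE_INVENTORY):
        print(f"{host}: {family} {version} -> {action}")
```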