As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 6.9
- ATTENTION: Low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC PCS 7, SIMATIC WinCC
- Vulnerability: Classic Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a local attacker to cause a denial-of-service condition in the runtime of the SCADA system.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Siemens SIMATIC PCS 7 and SIMATIC WinCC, a SCADA system, are affected:
- Siemens SIMATIC PCS 7 V9.1: All versions before V9.1 SP2 UC04
- Siemens SIMATIC WinCC Runtime Professional V17: All versions
- Siemens SIMATIC WinCC Runtime Professional V18: All versions
- Siemens SIMATIC WinCC Runtime Professional V19: All versions before V19 Update 1
- Siemens SIMATIC WinCC V7.5: All versions before V7.5 SP2 Update 16
- Siemens SIMATIC WinCC V8.0: All versions
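The affected-version list above, turned into an inventory check. This is an added example, not code from CISA or Siemens. It assumes installed versions are recorded as strings such as "V7.5 SP2 Update 15" and that update numbers are compared within a service pack; the host names and install levels in the sample are constructed.

```python
import re

# Rules transcribed from section 3.1 of this advisory. None = all versions
# affected; otherwise the value is the first release listed as not affected.
RULES = {
    ("SIMATIC PCS 7", "V9.1"): "SP2 UC04",
    ("SIMATIC WinCC Runtime Professional", "V17"): None,
    ("SIMATIC WinCC Runtime Professional", "V18"): None,
    ("SIMATIC WinCC Runtime Professional", "V19"): "Update 1",
    ("SIMATIC WinCC", "V7.5"): "SP2 Update 16",
    ("SIMATIC WinCC", "V8.0"): None,
}

# Assumed format of a patch level: optional "SPn", then optional "Update n" or "UCnn".
_LEVEL = re.compile(r"(?:SP\s*(\d+))?\s*(?:(?:Update|UC)\s*(\d+))?", re.IGNORECASE)

def patch_level(text):
    """Map 'SP2 Update 16', 'SP2 UC04' or '' to a comparable (sp, update) tuple."""
    m = _LEVEL.fullmatch(text.strip())
    if m is None:
        raise ValueError(f"unrecognised patch level: {text!r}")
    return int(m.group(1) or 0), int(m.group(2) or 0)

def is_affected(product, version):
    """True/False for a listed product line, None if the line is not in RULES."""
    base, _, rest = version.strip().partition(" ")
    key = (product.strip(), base.upper())
    if key not in RULES:
        return None
    fixed = RULES[key]
    return True if fixed is None else patch_level(rest) < patch_level(fixed)

def triage(inventory):
    """Return the hosts whose installed version falls in an affected range."""
    return [host for host, product, version in inventory if is_affected(product, version)]

# Constructed sample inventory (hypothetical host names and install levels).
SAMPLE_INVENTORY = [
    ("os-server-01", "SIMATIC PCS 7", "V9.1 SP2 UC03"),
    ("os-server-02", "SIMATIC PCS 7", "V9.1 SP2 UC04"),
    ("hmi-panel-07", "SIMATIC WinCC Runtime Professional", "V19"),
    ("hmi-panel-08", "SIMATIC WinCC Runtime Professional", "V19 Update 1"),
    ("scada-eng-03", "SIMATIC WinCC", "V7.5 SP2 Update 15"),
    ("scada-eng-04", "SIMATIC WinCC", "V8.0 Update 3"),
]

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```

A result of None from is_affected means the product line is not covered by this advisory's list, which is different from being listed and fixed.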
3.2 VULNERABILITY OVERVIEW
3.2.1 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT (‘CLASSIC BUFFER OVERFLOW’) CWE-120
The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial-of-service condition.
[…]