"Siemens Security Advisory Discloses Critical, High-Severity Flaws"

The industrial manufacturing company Siemens has disclosed several critical and high-severity vulnerabilities discovered in its products, including a heap-based buffer overflow flaw in the SIMATIC devices' SINEMA Remote Connect Server (SRCS) Virtual Private Network (VPN) feature. According to Siemens, SINEMA Remote Connect enables end-users to remotely access plants and machines. It leverages VPN connections between the control center, service engineers, and installed plants. Meanwhile, the SIMATIC devices that have been impacted are communication processors, which connect controllers to various types of networks. The flaw stems from a failure to properly validate user-supplied data when parsing specific messages, potentially resulting in a buffer overflow. Attackers could use the flaw to execute code in the device's context. The flaw has a CVSS score of 10, indicating that it is critical but it has been emphasized that the SRCS VPN feature is not enabled by default. Siemens also stated that the CVSS score and impact are unique to each customer environment. Fixes are available for certain SIMATIC device versions, but many versions are still without a fix. Siemens stated that impacted companies can configure the communication processor to only connect to trusted SINEMA SRCS instances, block access to port 5243/udp, or disable the SINEMA SRCS VPN feature completely as a workaround for this flaw. This article continues to discuss Siemens' recent disclosure of vulnerabilities found in its products. 

Decipher reports "Siemens Security Advisory Discloses Critical, High-Severity Flaws"