Siemens issues emergency SCADA patch

Remote exploits plugged in WinCC

Ancient skull found in cave in northern Laos

Got Siemens SCADA? Get patching: the company has issued updates for software using its WinCC application to plug a bunch of remotely-exploitable vulnerabilities.

According to the ICS-CERT advisory, versions of the company's SIMANTIC WinCC, SIMANTIC PCS7 and TIA Portal V13 (which includes a WinCC runtime) are all vulnerable.

There are two specific problems:

  • In CVE-2014-8551, score 10, a WinCC component is vulnerable to crafted packets sent to the server, allowing unauthenticated remote code execution; and
  • In CVE-2014-8552, score 7.8, crafted packets sent to the WinCC server could allow a remote attacker to pull files from the server.

Both vulnerabilities can be exploited with “low skill”, the advisory states, with ICS-CERT adding: “Indicators exist that this vulnerability may have been exploited during a recent campaign.”

Siemens has issued updates for all products, with detailed instructions in this PDF. ®

Sponsored: Minds Mastering Machines - Call for papers now open


Biting the hand that feeds IT © 1998–2018