Improper access control in Siemens SIMATIC WinCC



Published: 2019-05-14 | Updated: 2019-05-31
Risk High
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2019-10922
CWE-ID CWE-284
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Siemens SIMATIC WinCC
Server applications / SCADA systems

SIMATIC PCS 7
Server applications / SCADA systems

Vendor Siemens

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Improper access control

EUVDB-ID: #VU18656

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-10922

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions when installations have not “Encrypted Communication” configured. A remote unauthenticated attacker with network access may be able to execute arbitrary code.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

A vendor recommends to:
  • Upgrade SIMATIC WinCC to v7.3 or newer.
  • Upgrade SIMATIC PCS 7 to v8.1 or newer.
  • Enable Encrypted Communications (some newer versions have this enabled by default).
  • Apply defense-in-depth concepts.

Vulnerable software versions

Siemens SIMATIC WinCC: 5.0 - v11

SIMATIC PCS 7: 6.1 - 9.0


CPE2.3 External links

http://www.securityfocus.com/bid/108398
http://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###