Improper Certificate Validation in Siemens Server applications

#VU54868 Improper Certificate Validation in Siemens Server applications

Published: 2021-07-14

Vulnerability identifier: #VU54868

Vulnerability risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-31892

CWE-ID: CWE-295

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SINUMERIK Analyze MyCondition SINUMERIK Analyze MyPerformance
Hardware solutions / Firmware
SINUMERIK Analyze MyPerformance / OEE-Monitor
Hardware solutions / Firmware
SINUMERIK Analyze MyPerformance / OEE-Tuning
Hardware solutions / Firmware
SINUMERIK Integrate for Production
Hardware solutions / Firmware
SINUMERIK Manage MyMachines
Hardware solutions / Firmware
SINUMERIK Manage MyMachines / Remote
Hardware solutions / Firmware
SINUMERIK Manage MyMachines / Spindel Monitor
Hardware solutions / Firmware
SINUMERIK Manage MyPrograms
Hardware solutions / Firmware
SINUMERIK Manage MyResources / Programs
Hardware solutions / Firmware
SINUMERIK Manage MyResources / Tools
Hardware solutions / Firmware
SINUMERIK Manage My Tools
Hardware solutions / Firmware
SINUMERIK Optimize MyProgramming / NX-Cam Editor
Hardware solutions / Firmware
SINUMERIK Integrate Client 02
Hardware solutions / Firmware
SINUMERIK Integrate Client 03
Hardware solutions / Firmware
SINUMERIK Integrate Client 04
Hardware solutions / Firmware
SINUMERIK Operate
Server applications / SCADA systems

Vendor: Siemens

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to an error in a third-party dependency, the SSL flags used for setting up a TLS connection to a server are overwritten with wrong settings. A remote attacker can perform a man-in-the-middle (MitM) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SINUMERIK Analyze MyCondition SINUMERIK Analyze MyPerformance: All versions

SINUMERIK Analyze MyPerformance / OEE-Monitor: All versions

SINUMERIK Analyze MyPerformance / OEE-Tuning: All versions

SINUMERIK Integrate for Production: All versions

SINUMERIK Manage MyMachines: All versions

SINUMERIK Manage MyMachines / Remote: All versions

SINUMERIK Manage MyMachines / Spindel Monitor: All versions

SINUMERIK Manage MyPrograms: All versions

SINUMERIK Manage MyResources / Programs: All versions

SINUMERIK Manage MyResources / Tools: All versions

SINUMERIK Manage My Tools: All versions

SINUMERIK Operate: 4.8 - 4.94

SINUMERIK Optimize MyProgramming / NX-Cam Editor: All versions

External links
http://cert-portal.siemens.com/productcert/pdf/ssa-729965.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Improper Certificate Validation in Siemens SINUMERIK Integrate Operate Client