
Siemens and Schneider Electric Patch Tuesday Advisory
In a consolidated effort to secure their products, Siemens and Schneider Electric released their Patch Tuesday advisories for October 2023. The advisories address more than 40 vulnerabilities detected in their offerings, further indicating an ongoing commitment towards the protection of information and their customers' operations.
Siemens’ New Advisories
Siemens issued a dozen new advisories addressing a total of 41 vulnerabilities. These advisories highlight potential security risks present in a range of the company's products, including industrial, process and networking equipment. The Ruggedcom APE1808 industrial application hosting platform was among the products affected, with seven vulnerabilities stemming from Nozomi Networks' Guardian product.
Nozomi Component Flaws
Security flaws traced back to Nozomi's components could be exploited to perform various malicious actions. These actions include obtaining sensitive information, executing arbitrary JavaScript code, hijacking user sessions, and causing a denial-of-service (DoS) condition. Nozomi Networks has since patched the vulnerabilities present in its Guardian product, and Siemens is likewise working to develop patches for its Ruggedcom APE1808 platform.
Addressed Vulnerabilities in Other Siemens’ Products
In addition to the Ruggedcom platform, Siemens addressed notable vulnerabilities found in several other products. Critical vulnerabilities were patched in Scalance W1750D, Simcenter Amesim, and Sicam A8000 RTUs. High-severity vulnerabilities were addressed in Sinema Server, Sicam PAS/PQS, Siemens Xpedition Layout Browser, Sinec NMS, Tecnomatix Plant Simulation, and Sicam A8000 RTUs. Medium-severity vulnerabilities were rectified in the Mendix 'forgot password' module and Simatic CP devices.
Schneider Electric Advisories
Not to be left out of the patching activity, Schneider Electric released advisories for critical vulnerabilities found in the SpaceLogic C-Bus Toolkit, EcoStruxure Power Monitoring Expert (PME), and EcoStruxure Power Operation products. This action demonstrates Schneider Electric's proactive approach in mitigating the potential risks posed by the uncovered vulnerabilities.
Vulnerabilities in Siemens’ Ruggedcom APE1808 Industrial Application
Siemens' Ruggedcom APE1808, an industrial application hosting platform, has been found to contain seven vulnerabilities. Security concerns center on this device because of the critical nature and number of vulnerabilities detected.
Existence of Seven Vulnerabilities
The company discovered a total of seven vulnerabilities in the Ruggedcom APE1808 industrial application, which could potentially impact the platform's performance and security. This has raised concerns, since such vulnerabilities could lead to significant consequences, including unauthorized access to information, arbitrary code execution, user session hijacking, and denial-of-service (DoS) attacks.
Affected Component: Nozomi Networks’ Guardian Product
The vulnerabilities found in Ruggedcom APE1808 seem to stem from components of Nozomi Networks' Guardian product that the platform uses. Because multiple systems are potentially affected by the vulnerabilities from this component, the issue has brought Nozomi Networks into the spotlight, pushing the company to revise its security measures to prevent future compromises in its product suite.
Advisory Provided to Prevent Exploitation Whilst Patches Are in Development
In response to these vulnerabilities, Siemens has issued an advisory as a safeguard for existing users. While Siemens is in the process of developing patches for its Ruggedcom product, the advisory serves as an interim solution that provides users with the necessary steps to protect their systems from potential exploitation of the discovered vulnerabilities.
Critical Vulnerabilities Patched by Siemens
Siemens has been proactive in addressing identified vulnerabilities in several industrial products. These patches seek to maintain the integrity of their hardware, safeguard information, and integrate the best available protective measures.
Scalance W1750D Flaws
Among the most critical vulnerabilities patched by Siemens are those found in the Scalance W1750D devices. The patches developed for these devices rectify security shortcomings that, if left unchecked, could compromise system functionality and security. The specific nature of these flaws has not been specified, but Siemens assures users that the patches rectify the existing issues.
Simcenter Amesim Bug
Siemens addressed and resolved a serious bug in the Simcenter Amesim software program. The software was found to be at risk of DLL injections by unauthenticated, remote adversaries. These types of attacks are especially dangerous, as they could facilitate remote control over the program and allow an adversary to access and manipulate the data within it. The patch developed by Siemens prevents this vulnerability from being exploited.
Sicam A8000 Remote Terminal Units
Another crucial fix was made in the Sicam A8000 remote terminal units. These devices posed a potential risk if unauthorized access was gained via SSH, a protocol used to manage and control devices over a network. The preventative measures taken by Siemens include patching these potential gaps in security, ensuring that such access routes are shielded from unauthorized use.
Schneider Electric’s Advisory and Actions
Committed to ensuring resilience and warding off threats to its systems, Schneider Electric too released advisories for its product vulnerabilities in October 2023.
Release of New Advisories
Schneider Electric has released two new advisories that address vulnerabilities in its offerings. These advisories provide vital information about the vulnerabilities, guide users on prevention methods, and announce available patches for the identified security issues.
Vulnerabilities in SpaceLogic C-Bus Toolkit and EcoStruxure Products
The advisories pointed out vulnerabilities impacting the SpaceLogic C-Bus Toolkit and multiple EcoStruxure products, including Power Monitoring Expert and Power Operation products. If exploited, these vulnerabilities could compromise system integrity and pose serious security risks. Schneider Electric promptly disseminated this information through advisories to warn end users and encourage immediate security countermeasures.
Patches for Critical Vulnerabilities
In response to the identified critical vulnerabilities, Schneider Electric has developed patches to protect its products against these threats. By doing so, the company is taking essential steps to maintain secure operations and the continuity of its clients' business processes. The patches serve as a protective shield, safeguarding the products from potential attacks.



