Wisky - stock.adobe.com

Security alert for vulnerabilities in Siemens PLCs

Industries that use Siemens Simatic controllers to automate manufacturing processes have been urged to update software without delay

Siemens has issued a security alert about the company’s Simatic S7-1500 programmable logic controllers (PLCs) after security researchers at Positive Technologies reported “serious vulnerabilities” that exposed industrial processes to denial-of-service (DoS) attacks.

The researchers warn that, left unpatched, the vulnerabilities can be exploited by cyber attackers to disrupt industrial control systems in the automotive, food and beverage industries, where they are commonly used for automation.

Both of the vulnerabilities (CVE-2018-16558 and CVE-2018-16559) received a score of 7.5 out of 10 according to the Common Vulnerability Scoring System (CVSS).

Paolo Emiliani, industry and Scada research analyst at Positive Technologies, said unauthenticated attackers could use these vulnerabilities to carry out DoS attacks against a PLC and severely affect industrial processes.

“This is possible by sending a specially crafted network packet to TCP [transmission control protocol] ports 80 or 443 of vulnerable CPUs,” he said. “To restore PLC functioning, owners must manually switch the device to normal operating mode.

“Crucially, successful exploitation does not require system privileges or user interaction, which makes the overall risk and exposure higher.”

Siemens has released a security advisory, recommending that organisations should update the firmware of any Simatic S7-1500 PLCs to version 2.5 or later.

If updates cannot be installed because of hardware restrictions, Siemens said organisations should protect network access to TCP ports 80 and 443 of affected devices.

Read more about ICS security

  • Cyber attackers specialising in industrial control systems are fast, efficient and able to move between IT and OT environments, a study has revealed.
  • Cyber threat to industrial control systems highest yet.
  • Airbus is helping to drive the cyber security market for industrial control systems used throughout industry, including many providers of critical national infrastructure.
  • There is a pressing need to improve cyber security in industrial control system environments, according to security certification body Crest.

At the time of advisory publication, it said there was no known public exploitation of this security vulnerability.

Siemens thanked researchers Georgy Zaytsev, Dmitry Sklyarov, Druzhinin Evgeny, Ilya Karpov and Maxim Goryachy from Positive Technologies for their efforts and coordinated disclosure.

Almost 40% of industrial control systems (ICS), including PLCs, faced attacks in the second half of 2017, but industrial and energy firms are finding these systems difficult to secure, according to a report by Kaspersky Lab in August 2018.

Understaffing, underinvestment and the human factor are the top three challenges to keeping industrial networks secure, the security firm’s State of industrial cybersecurity 2018 survey revealed.

Read more on Hackers and cybercrime prevention