Rewterz Threat Advisory – ICS: CVE-2019-10923 – Siemens Industrial Real-Time (IRT) Devices Improper Input Validation Vulnerability

Wednesday, February 12, 2020

Severity

High

Analysis Summary

Updates have been released for a vulnerability in Siemens Industrial Real-time Devices. The vulnerability is exploitable remotely with a low skill level required to exploit it. It’s an improper input validation vulnerability. An attacker sending a specially crafted packet could break the real-time synchronization of the affected installation, which may cause a denial-of-service condition.
CVE-2019-10923 has been assigned to this vulnerability.

Impact

Denial-of-service

Affected Vendors

Siemens

Affected Products

  • CP1604/CP1616: All versions prior to 2.8
  • Development/Evaluation Kits for PROFINET IO
  • DK Standard Ethernet Controller: All versions prior to 4.1.1 Patch 05
  • EK-ERTEC 200: All versions prior to 4.5.0 Patch 01
  • EK-ERTEC 200P: All versions prior to 4.5.0
  • SCALANCE X-200IRT: All versions prior to 5.2.1
  • SIMATIC ET 200M: All versions
  • SIMATIC ET 200S: All versions
  • SIMATIC ET 200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0): All versions
  • SIMATIC ET 200pro: All versions
  • SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0: All versions
  • SIMATIC S7-300 CPU family (incl. F): All versions
  • SIMATIC S7-400 (incl. F) v6 and below: All versions
  • SIMATIC S7-400 PN/DP v7 (incl. F): All versions
  • SIMATIC WinAC RTX (F) 2010: All versions prior to SP3
  • SIMOTION: All versions
  • SINAMICS DCM: All versions prior to 1.5 HF1
  • SINAMICS DCP: All versions prior to 1.3
  • SINAMICS G110M v4.7 (Control Unit): All versions prior to 4.7 SP10 HF5
  • SINAMICS G120 v4.7 (Control Unit): All versions prior to 4.7 SP10 HF5
  • SINAMICS G130 v4.7 (Control Unit): All versions prior to 4.7 HF29
  • SINAMICS G150 (Control Unit): All versions prior to 4.8
  • SINAMICS GH150 v4.7 (Control Unit): All versions
  • SINAMICS GL150 v4.7 (Control Unit): All versions
  • SINAMICS GM150 v4.7 (Control Unit): All versions
  • SINAMICS S110 (Control Unit): All versions
  • SINAMICS S120 v4.7 (Control Unit and CBE20): All versions prior to 4.7 HF34
  • SINAMICS S150 (Control Unit): All versions prior to 4.8
  • SCALANCE X-200IRT switch family (incl. SIPLUS NET variants): All versions prior to 5.2.1
  • SIMATIC ET 200M (incl. SIPLUS variants): All versions
  • SIMATIC ET 200S (incl. SIPLUS variants): All versions
  • SIMATIC ET 200pro (incl. SIPLUS variants): All versions
  • SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants): All versions
  • SIMATIC S7-400 (incl. F) v6 and below CPU family (incl. SIPLUS variants): All versions
  • SIMATIC S7-400 PN/DP v7 CPU family (incl. SIPLUS variants): All versions
  • SIMOTION (incl. SIPLUS variants): All versions
  • SINAMICS G120 v4.7 Control Unit (incl. SIPLUS variants): All versions prior to 4.7 SP10 HF5
  • SINAMICS S120 v4.7 Control Unit and CBE20 (incl. SIPLUS variants): All versions prior to 4.7 HF34
  • SINAMICS SL150 v4.7 (Control Unit): All versions prior to 4.7 HF33
  • SINAMICS SL150 v4.7 (Control Unit): All versions
  • SINAMICS SM120 v4.7 (Control Unit): All versions
  • SINUMERIK 828D: All versions prior to 4.8 SP5
  • SINUMERIK 840D sl: All versions

Remediation

Following updates are available.

  • CP1604/CP1616: Update to v2.8
  • Development/Evaluation Kits for PROFINET IO:
  • DK Standard Ethernet Controller: Update to v4.1.1 Patch 05
  • EK-ERTEC 200: Update to v4.5.0 Patch 01
  • EK-ERTEC 200: Update to v4.5.0 Patch 01
  • EK-ERTEC 200P: Update to v4.5.0
  • SCALANCE X-200IRT: Update to v5.4.2
  • SIMATIC WinAC RTX (F) 2010: Update to SP3, apply BIOS and Microsoft Windows updates
  • SINAMICS DCM: Update to v1.5 HF1
  • SINAMICS G110M v4.7 (Control Unit): Update to v4.7 SP10 HF5
  • SINAMICS G120 v4.7 (Control Unit): Update to v4.7 SP10 HF5
  • SINAMICS G130 v4.7 (Control Unit): Update to v4.7 HF29 or upgrade to v5.2 HF2
  • SINAMICS S120 v4.7 (Control Unit and CBE20): Update to v4.7 HF34 or upgrade to v5.2 HF2
  • SINAMICS DCP: Upgrade to v1.3

The following updates can be obtained from a Siemens representative or via Siemens customer service.

  • SINAMICS GH150 v4.7 (Control Unit): Upgrade to v4.8 SP2 HF9
  • SINAMICS GL150 v4.7 (Control Unit): Upgrade to v4.8 SP2 HF9
  • SINAMICS GM150 v4.7 (Control Unit): Upgrade to v4.8 SP2 HF9
  • SINUMERIK 828D: Update to v4.8 SP5
  • SINAMICS SL150 v4.7 (Control Unit): Update to v4.7 HF33

Additionally,

  • Restrict network access to Port 161/TCP of the affected product.
  • Disable SNMP in Versions 1 and 2c, if supported by the product.
  • Enable SNMP v3 if required and supported by the product to restrict the vulnerability to authenticated users.
  • Enable access protection and change default credentials for SNMP service, if possible.

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 23, February 2020 Rewterz Threat Advisory – CVE-2019-16028 – Cisco Firepower Management Center
  • 17, February 2020 Rewterz Threat Alert – Satan ransomware rebrands as 5ss5c ransomware
  • 14, February 2020 Rewterz Threat Alert – Emotet Malware Hacks Nearby Wi-Fi Networks to Infect New Victims
  • 13, February 2020 Rewterz Threat Advisory – CVE-2020-3119 – Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution

Copyright © Rewterz. All rights reserved.