• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs
August 10, 2021
Rewterz Threat Advisory –Multiple Dell EMC Connectrix B-Series Security Vulnerabilities
August 11, 2021

Rewterz Threat Advisory – ICS: Siemens Industrial Products Intel CPUs Vulnerabilities

August 11, 2021

Severity

High

Analysis Summary

CVE-2020-8670

A race condition in the firmware for some Intel processors may allow a privileged user to enable escalation of privilege via local access.

CVE-2020-8703

Improper buffer restrictions in a subsystem in the Intel CSME versions prior to 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, and 15.0.22 may allow a privileged user to enable escalation of privilege via local access.

CVE-2020-8704

A race condition in a subsystem in the Intel LMS versions prior to 2039.1.0.0 may allow a privileged user to enable escalation of privilege via local access.

CVE-2020-12357

Improper initialization in the firmware for some Intel processors may allow a privileged user to enable escalation of privilege via local access.

CVE-2020-12358

An out-of-bounds write in the firmware for some Intel processors may allow a privileged user to cause a denial-of-service condition via local access.

CVE-2020-12360

An out-of-bounds read in the firmware for some Intel processors may allow an authenticated user to enable an escalation of privilege via local access.

CVE-2020-24486

Improper input validation in the firmware for some Intel processors may allow an authenticated user to potentially enable a denial of service via local access.

CVE-2020-24506

Out-of-bounds read in a subsystem in the Intel CSME versions prior to 12.0.81, 13.0.47, 13.30.17, 14.1.53, and 14.5.32 may allow a privileged user to enable information disclosure via local access.

CVE-2020-24507

Improper initialization in a subsystem in the Intel CSME versions prior 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11, and 15.0.22 may allow a privileged user to enable information disclosure via local access.

CVE-2020-24511

Improper isolation of shared resources in some Intel processors may allow an authenticated user to enable information disclosure via local access.

CVE-2020-24512

An observable timing discrepancy in some Intel processors may allow an authenticated user to enable information disclosure via local access.

CVE-2020-24513

A domain-bypass transient execution vulnerability in some Intel Atom processors may allow an authenticated user to enable information disclosure via local access.

Impact

  • Denial of Services
  • Information Disclosure
  • Unauthorized Access
  • Privilege Escalation
  • Configuration change.

Affected Vendors

  • Siemens

Affected Products

  • SIMATIC Drive Controller Family: All versions
  • SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants): All versions
  • SIMATIC Field PG M5: All versions
  • SIMATIC Field PG M6: All versions
  • SIMATIC IPC127E: All versions
  • SIMATIC IPC427E: All versions
  • SIMATIC IPC477E: All versions
  • SIMATIC IPC477E Pro: All versions
  • SIMATIC IPC527GE: All versions
  • SIMATIC IPC547G: All versions
  • SIMATIC IPC627E: All versions
  • SIMATIC IPC647E: All versions
  • SIMATIC IPC677E: All versions
  • SIMATIC IPC847E: All BIOS versions prior to v25.02.10
  • SIMATIC ITP1000: All versions
  • SIMATIC S7-1500 CPU 1518F-4 PN-DP MFP (MLFB: 6ES7518-4FX00-1AC0): All versions
  • SINUMERIK 828D HW PPU.4: All versions
  • SINUMERIK MC MCU 1720: All versions
  • SINUMERIK ONE /
  • SINUMERIK 840D sl Handheld Terminal HT 10: All versions
  • SINUMERIK ONE PPU 1740: All versions
  • SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant): All versions

Remediation

Refer to vendor advisory for the complete list of affected products and their respective patches at

https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf

  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.