Rewterz Threat Advisory – ICS: Siemens Siveillance VMS Multiple Vulnerabilities
June 13, 2019Rewterz Threat Advisory -CVE-2019-6567 – ICS: Siemens SCALANCE X Password Protection Vulnerability
June 13, 2019Rewterz Threat Advisory – ICS: Siemens Siveillance VMS Multiple Vulnerabilities
June 13, 2019Rewterz Threat Advisory -CVE-2019-6567 – ICS: Siemens SCALANCE X Password Protection Vulnerability
June 13, 2019Severity
Medium
Analysis summary
CVE-2019-6571
An attacker with network access to Port 10005/TCP of the LOGO!8 device could cause a denial-of-service condition by sending specially crafted packets. This security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required, and successful exploitation could compromise the availability of the targeted system.
CVE-2019-6584
The integrated webserver does not invalidate the Session ID upon user logout. An attacker who successfully extracted a valid Session ID is able to use it even after the user logs out. This security vulnerability could be exploited by an attacker in a privileged network position who is able to read the communication between the affected device and the user, or by an attacker who is able to obtain valid Session IDs through other means. To facilitate this exploit, the user must first invoke a session to the affected device.
Impact
- Improper Restriction of Operations within the Bounds of a Memory Buffer,
- Session Fixation
Affected Vendors
Siemens
Affected Products
LOGO!8 devices
Remediation
Vendor has released updates at for the following product:
https://support.industry.siemens.com/cs/ww/en/view/109767410