ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws

ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws

October 11, 2023 at 06:42AM

Siemens and Schneider Electric have released their Patch Tuesday advisories for October 2023, addressing over 40 vulnerabilities in their products. Siemens has published a dozen advisories, including vulnerabilities in the Ruggedcom APE1808 platform and Nozomi Networks’ Guardian product. Nozomi has already patched these vulnerabilities. Schneider Electric has released advisories for three critical vulnerabilities in the SpaceLogic C-Bus Toolkit and EcoStruxure Power Monitoring Expert products, which can lead to remote code execution.

Summary of Meeting Notes:

– Siemens has published a dozen new advisories addressing 41 vulnerabilities in their products.
– One advisory focuses on vulnerabilities in Siemens’ Ruggedcom APE1808 industrial application hosting platform. These vulnerabilities are related to Nozomi Networks’ Guardian product and the Central Management Console (CMC). Nozomi has already patched the vulnerabilities, and Siemens is working on releasing patches for their Ruggedcom product.
– The vulnerabilities can be exploited to obtain information, execute arbitrary JavaScript code, hijack user sessions, and cause a denial-of-service (DoS) condition. However, authentication and elevated privileges are required for exploitation, and the risk level for Nozomi’s customers is assessed as medium.
– Three critical vulnerabilities have already been patched by Siemens. These include flaws in Scalance W1750D (originally found in Aruba products), a Simcenter Amesim bug, and a hardcoded ID in Sicam A8000 remote terminal units (RTUs).
– High-severity vulnerabilities have been addressed in Sinema Server, Sicam PAS/PQS, Siemens Xpedition Layout Browser, Sinec NMS, Tecnomatix Plant Simulation, and Sicam A8000 RTUs.
– Medium-severity vulnerabilities have been patched in the Mendix ‘forgot password’ module and Simatic CP devices.
– Schneider Electric has released two advisories addressing three critical vulnerabilities.
– Two vulnerabilities impact the SpaceLogic C-Bus Toolkit, allowing remote code execution and file tampering.
– The third critical flaw affects EcoStruxure Power Monitoring Expert (PME) and EcoStruxure Power Operation products, enabling code execution through specially crafted packets.

Please note that this is a summary and may not include all details from the meeting notes.

Full Article