Critical Vulnerability in Siemens’ industrial control system

System audit specialists have discovered a new vulnerability in a Siemens software platform. If exploited, the flaw would allow hackers to gain access to industrial control systems that run this software, in order to carry out espionage or even cause hardware failures on compromised systems.

One of the main industries that employ these systems is the nuclear power sector. According to the report, the vulnerability affects the same software platform used by the creators of the Stuxnet malware to compromise the systems of an Iranian nuclear facility nearly ten years ago.

A few weeks ago, Siemens received the bug report and released a patch. Joe Bingham, system audit expert at security firm Tenable, added that there is no evidence that the vulnerability has been exploited in the wild, at least so far. The company and experts encourage organizations using this industrial control software to install the patch as soon as possible.

In a statement, the company said: “We released an update for TIA Administrator that fixes a newly discovered vulnerability. Siemens recommends that administrators follow our recommendations to complement safety measures in any industrial environment.” The vulnerability affects Siemens STEP 7 TIA Portal, a widely used design and automation software for industrial control systems.

Although system audit experts say that exploiting this flaw is highly complex, a successful attacker could perform multiple actions, such as moving from one system to another and causing extensive damage. “Hackers could exploit this vulnerability for industrial espionage, network mapping, and data extraction,” the experts added.

Recently, researchers have focused on vulnerabilities affecting industrial control systems because, over time, they have realized that these critical implementations are of particular interest to hacker groups. According to the experts of the International Institute of Cyber Security (IICS), the groups most interested in these flaws are hacker groups sponsored by governments around the world, which try to exploit these vulnerabilities to carry out espionage or disruptive activities.