Two vulnerabilities allow DoS attacks and hacking of most Siemens industrial devices

A Siemens security report includes details about six recently released system updates, including three reports on the SegmentSmack vulnerability, which affects various company products. Specialists from a cyber security course also highlight the presence of two vulnerabilities that could be exploited to launch denial of service (DoS) attacks by sending specially crafted packets to the target system.

The two vulnerabilities, identified as CVE-2018-5390 and CVE-2018-5391, were dubbed SegmentSmack and FragmentSmack. According to specialists, these security flaws could be present in products from multiple suppliers, mainly Siemens.

In its security alert, Siemens reported that these flaws affect various devices such as ROX-based routers, endpoints, and VPN firewalls, SCALANCE routers and firewalls, SIMATIC communication processors, and SINEMA Remote Connect. A third security alert concerns CVE-2019-19301, a vulnerability that affects SIMATIC communication modules, SCALANCE X switches and SIPLUS devices, as mentioned by cyber security course specialists.

A subsequent warning related to SegmentSmack describes a flaw that allows a DoS attack on the Interniche-based TCP stack. This flaw, identified as CVE-2019-19300, affects the Siemens SIDOOR gate management system, various types of SIMATIC devices and SINAMICS converters, in addition to SIPLUS products, according to cyber security course specialists.

In response to the security flaws, Siemens released multiple firmware updates for some of the affected products, while announcing that the full patches would be ready as soon as possible. Users of affected deployments are encouraged to check the company’s official platforms to see whether updates for their products are already available. Otherwise, it is recommended to follow the security recommendations issued by the company to mitigate the risk of exploitation of these vulnerabilities until official updates are available.

According to the International Institute of Cyber Security (IICS), Siemens also informed its customers of a severe flaw in the DHCP client that affects SIMOTICS, Desigo, APOGEE and TALON products, as well as flaws in TIM communication modules and two XSS vulnerabilities present in the Climatix POL908 and POL909 modules.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, you can access the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.