The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Siemens

Over a Dozen Flaws Found in Siemens' Industrial Network Management System

Over a Dozen Flaws Found in Siemens' Industrial Network Management System

June 17, 2022Ravie Lakshmanan
Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system (NMS), some of which could be chained by an attacker to achieve remote code execution on affected systems. "The vulnerabilities, if exploited, pose a number of risks to Siemens devices on the network including denial-of-service attacks, credential leaks, and remote code execution in certain circumstances," industrial security company Claroty  said  in a new report. The shortcomings in question — tracked from CVE-2021-33722 through CVE-2021-33736 — were addressed by Siemens in version V1.0 SP2 Update 1 as part of patches shipped on October 12, 2021. "The most severe could allow an authenticated remote attacker to execute arbitrary code on the system, with system privileges, under certain conditions," Siemens  noted  in an advisory at the time. Chief among the weaknesses is CVE-2021-33723 (CVSS score: 8.8), which allows for privilege escalation to
13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment

13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment

November 10, 2021Ravie Lakshmanan
As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service (DoS), and information leak. Collectively called " NUCLEUS:13 ," successful attacks abusing the flaws can "result in devices going offline and having their logic hijacked," and "spread[ing] malware to wherever they communicate on the network," researchers from Forescout and Medigate said in a technical report published Tuesday, with one proof-of-concept (PoC) successfully  demonstrating  a scenario that could potentially disrupt medical care and critical processes. Siemens has since released  security updates  to remediate the weaknesses in Nucleus ReadyStart versions 3 (v2017.02.4 or later) and 4 (v4.1.1 or later). Primarily deployed in automotive, industrial, and medical applications, Nucleus
A New Bug in Siemens PLCs Could Let Hackers Run Malicious Code Remotely

A New Bug in Siemens PLCs Could Let Hackers Run Malicious Code Remotely

May 31, 2021Ravie Lakshmanan
Siemens on Friday shipped firmware updates to address a severe vulnerability in SIMATIC S7-1200 and S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to remotely gain access to protected areas of the memory and achieve unrestricted and undetected code execution, in what the researchers describe as an attacker's "holy grail." The memory protection bypass vulnerability, tracked as CVE-2020-15782 (CVSS score: 8.1), was discovered by operational technology security company Claroty by reverse-engineering the MC7 / MC7+ bytecode language used to execute PLC programs in the microprocessor. There's no evidence that the weakness was abused in the wild. In an  advisory  issued by Siemens, the German industrial automation firm said an unauthenticated, remote attacker with network access to TCP port 102 could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks. "Ach
Siemens Contractor Pleads Guilty to Planting 'Logic Bomb' in Spreadsheets

Siemens Contractor Pleads Guilty to Planting 'Logic Bomb' in Spreadsheets

July 24, 2019Wang Wei
A former Siemens contractor has pledged guilty in federal court Friday to secretly planting code in automated spreadsheets he had created for the company over a decade ago that deliberately crashes the program every few years. David Tinley, a 62-year-old resident of Harrison City, Pennsylvania, was hired by Siemens as a contract employee for Monroeville, Pennsylvania location, in 2002 to create custom automated spreadsheets for various Siemens projects related to the power generation industry. However, according to the United States Justice Department ( DoJ ), Tinley intentionally and without the company's knowledge or authorization inserted "logic bombs" into computer programs that caused glitches in the spreadsheet after the expiration of a certain date. Logic Bomb is a piece of computer code intentionally inserted into software or system to carry out specific operations like crash or malfunction after certain conditions are met, or an amount of time has expire
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.