Problems can increase privileges on the system or cause a denial of service to the device.
In a number of Siemens industrial solutions, there are dangerous vulnerabilities that allow you to increase privileges on the system or cause the device to malfunction. These are the Siemens SCALANCE X switches, the SIMATIC WinCC OA SCADA system and the TD Keypad Designer text panel.
Vulnerability CVE-2018-13807affectsversions of Siemens switches SCALANCE X300 series (all versions up to 4.0.0), X400 (all versions up to 4.0.0) and X414 (all versions). The problem is due to insufficient input validation. Having taken advantage of the vulnerability, an attacker could cause a device to malfunction by sending specially crafted packages to the web server. The problem is fixed in the versions of SCALANCE X300 v4.1.2 and SCALANCE X408 v4.1.2.
The SIMATIC WinCC OA platformcontains avulnerability (CVE-2018-13799), through which an attacker can elevate privileges in the context of the SIMATIC WinCC OA. Software versions 3.14 and below are subject to the problem. The vulnerability is fixed in the version of SIMATIC WinCC OA v3.14-P021. The update is available on the manufacturer’s website.
The TD Keypad Designer text panelisvulnerable to the CVE-2018-13806 vulnerability, which allows an attacker to execute code on the system with the privileges of the current user. To exploit the problem, access to the directory containing the TD project file is required. Vulnerability affects all versions of the product.
To reduce the risk of exploiting the vulnerability, the manufacturer recommends that users restrict the write permissions in the TD project folders to only authorized users, and also open TD projects only from trusted sources.