Over a Dozen Flaws Found in Siemens' Industrial Network Management System

2022-06-19 22:11

Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system, some of which could be chained by an attacker to achieve remote code execution on affected systems.

"The vulnerabilities, if exploited, pose a number of risks to Siemens devices on the network including denial-of-service attacks, credential leaks, and remote code execution in certain circumstances," industrial security company Claroty said in a new report.

"The most severe could allow an authenticated remote attacker to execute arbitrary code on the system, with system privileges, under certain conditions," Siemens noted in an advisory at the time.

Another notable flaw relates to a case of SQL injection that could be exploited by an authenticated attacker to execute arbitrary commands in the local database.

"SINEC is in a powerful central position within the network topology because it requires access to the credentials, cryptographic keys, and other secrets granting it administrator access in order to manage devices in the network," Claroty's Noam Moshe said.

"From an attacker's perspective carrying out a living-off-the-land type of attack where legitimate credentials and network tools are abused to carry out malicious activity, access to, and control of, SINEC puts an attacker in prime position for: reconnaissance, lateral movement, and privilege escalation."

News URL

https://thehackernews.com/2022/06/over-dozen-flaws-found-in-siemens.html

#management #siemens