Security News

Siemens Energy confirms data breach after MOVEit data-theft attack
2023-06-27 18:11

Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform.Today, Clop listed Siemens Energy on their data leak site, indicating that data was stolen during a breach on the company.

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems
2023-01-18 05:56

The U.S. Cybersecurity and Infrastructure Security Agency has published four Industrial Control Systems advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code execution via a path traversal flaw and command injection.

Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773)
2023-01-12 15:29

Red Balloon Security disclosed multiple, critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 Series PLC that allow for bypass of all protected boot features. Exploitation of these vulnerabilities could allow offline attackers to generate arbitrary encrypted firmware that are bootable on all Siemens S7-1500 series PLC CPU modules.

Over 100 Siemens PLC Models Found Vulnerable to Firmware Takeover
2023-01-12 14:27

Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them. Put differently, the weaknesses are the result of a lack of asymmetric signature verifications for firmware at bootup, effectively permitting the attacker to load tainted bootloader and firmware while undermining integrity protections.

Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys
2022-10-12 10:41

A vulnerability in Siemens Simatic programmable logic controller can be exploited to retrieve the hard-coded, global private cryptographic keys and seize control of the devices. "An attacker can use these keys to perform multiple advanced attacks against Siemens SIMATIC devices and the related TIA Portal, while bypassing all four of its access level protections," industrial cybersecurity company Claroty said in a new report.

Over a Dozen Flaws Found in Siemens' Industrial Network Management System
2022-06-19 22:11

Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system, some of which could be chained by an attacker to achieve remote code execution on affected systems. "The vulnerabilities, if exploited, pose a number of risks to Siemens devices on the network including denial-of-service attacks, credential leaks, and remote code execution in certain circumstances," industrial security company Claroty said in a new report.

13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment
2021-11-10 02:11

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service, and information leak. Collectively called "NUCLEUS:13," successful attacks abusing the flaws can "Result in devices going offline and having their logic hijacked," and "Spread[ing] malware to wherever they communicate on the network," researchers from Forescout and Medigate said in a technical report published Tuesday, with one proof-of-concept successfully demonstrating a scenario that could potentially disrupt medical care and critical processes.

13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment
2021-11-10 02:11

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service, and information leak. Collectively called "NUCLEUS:13," successful attacks abusing the flaws can "Result in devices going offline and having their logic hijacked," and "Spread[ing] malware to wherever they communicate on the network," researchers from Forescout and Medigate said in a technical report published Tuesday, with one proof-of-concept successfully demonstrating a scenario that could potentially disrupt medical care and critical processes.

August 2021 ICS Patch Tuesday: Siemens, Schneider Address Over 50 Flaws
2021-08-12 13:10

Siemens and Schneider Electric on Tuesday released 18 security advisories addressing a total of more than 50 vulnerabilities affecting their products. Siemens has released 10 new advisories for the August 2021 Patch Tuesday and they cover a total of 32 vulnerabilities.

ICS Patch Tuesday: Siemens and Schneider Electric Address 100 Vulnerabilities
2021-07-14 14:52

Industrial giants Siemens and Schneider Electric on Tuesday released a total of two dozen advisories covering roughly 100 vulnerabilities affecting their products. The 18 new advisories prepared by Siemens for the July 2021 Patch Tuesday cover nearly 80 vulnerabilities impacting the company's products.