Cybersecurity

CISA has published an advisory on a resource exhaustion vulnerability in Siemens SIMATIC S7-1500 CPU family. Multiple products and versions of these products are affected. This vulnerability could allow a remote attacker to conduct denial-of-service attacks. Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available. CISA also recommends a series of measures to mitigate the vulnerabilities.

CISA has published an advisory on an insufficient logging vulnerability in Siemens SIPORT MP. All versions prior to 3.1.4 are affected. Successful exploitation of this vulnerability could allow the attacker to create special accounts with administrative privileges. Siemens recommends users update to Version 3.1.4 and has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.

CISA has published an advisory on improper access control and loop with unreachable exit condition vulnerabilities in Siemens SIMATIC CP-1543-1. All versions starting at 2.0 and prior to 2.2. are affected. Successful exploitation of these vulnerabilities could allow remote attackers to conduct a denial-of-service attack by sending specially crafted packets to Port 161/UDP (SNMP). The latest update for SIMATIC CP 1543-1 contains fixes for the vulnerabilities within its embedded ProFTPD FPT server. Siemens recommends updating SIMATIC CP 1543-1 modules to Version 2.2.

With ransomware attacks evolving to include additional fallout such as data breaches, even organizations that seemed well-prepared can fall victim, as described in an ArsTechnica post about the Credit Union National Association (CUNA).