Siemens Factory Link Flaws Allow Attackers to Execute Arbitrary Code
Researcher Kaung-chun Hung of Taiwan's Information and Communication Security Technology Center (ICST) discovered two vulnerabilities that affect the ActiveX components of Siemens' Tecnomatix Factory Link application. The report describes a buffer overflow vulnerability and a data corruption vulnerability, reported Infosec Island on January 5, 2012.
Siemens Tecnomatix Factory Link is software used for monitoring and controlling industrial processes in a number of industries, including oil and gas, chemicals, food and beverages, and building automation.
Siemens has issued a notice to its customers addressing these vulnerabilities. ICS-CERT has verified that Siemens has resolved them.
The affected versions are V188.8.131.52, V7.5.217 (V7.5 SP2), and V6.6.1 (V6.6 SP1). ICS-CERT has advised companies to assess the impact of these vulnerabilities based on their particular architecture, product implementation, and operational environment.
The first vulnerability is a buffer overflow, which is exploited by passing a long string to a parameter; the resulting overflow could allow the execution of arbitrary code. This vulnerability is remotely exploitable. Social engineering is needed to lure the user to a malicious site, which may decrease the likelihood of a successful attack.
The second vulnerability is a data corruption vulnerability, which is exploited by supplying arbitrary data that causes a file to be saved to a specified location on the targeted computer. CVE-2011-4056 was assigned to these vulnerabilities. Siemens' assessment of this vulnerability using the CVSS Version 2.0 calculator gives an overall CVSS score of 7.7.
This vulnerability is also remotely exploitable, but social engineering might be needed to carry out a remote exploit through a crafted file or web page. The vulnerabilities could be exploited by an attacker with moderate skill.
No public exploits are known to target these specific vulnerabilities at this time, but to make sure its customers are not exposed to malicious activity, Siemens has released a patch to address them.
US-CERT advises Siemens Tecnomatix Factory Link customers to apply the patches to ensure they are protected against attackers, and to adopt other defensive measures to secure their infrastructure against online threats. These measures include minimizing network exposure for each control system, placing control system networks and remote devices behind firewalls, isolating them from the business network, and using secure methods, such as a virtual private network, when remote access is needed.
» SPAMfighter News - 18-01-2012