Siemens has released a software patch that mitigates the vulnerability. Siemens has released a Siemens Security Advisoryd (SSA-099471: Buffer Overflow in SIMATIC RF Manager) that details this vulnerability and provides mitigations. This decreases the likelihood of a successful exploit. Social engineering is required to convince the user to visit a malicious Web site using the system containing the SIMATIC RF Manager. DifficultyĮxploiting this vulnerability could be difficult. No known public exploits specifically target this vulnerability. This vulnerability could be exploited remotely. Siemens has assigned a CVSS v2 base score of 6.8 the CVSS vector string is (AV:N/AC:M/Au:N/C:P/I:P/A:P).
This could allow an attacker to execute arbitrary code in the browser context and possibly take control of the system.ĬVE-2013-0656 has been assigned to this vulnerability. If a user has installed the SIMATIC RF Manager’s ActiveX applications on the system and visits a malicious Web site, code within the ActiveX components can be executed, causing a buffer overflow. This component is also shared with other programs, such as Internet browsers. The SIMATIC RF Manager uses an ActiveX component. Vulnerability Characterization Vulnerability Overview Buffer Overflow 1 Siemens is a German-based company that maintains offices in several countries around the world. ERP and MES are widely used in industrial environments such as critical manufacturing, health and healthcare, power generation and distribution, food and beverage, and chemical industries worldwide. This includes collecting supplied data, and compressing this data for enterprise systems, such as the Enterprise Resource Management (ERP) layer and Manufacturing Execution Systems (MES) layer. Products in the Siemens SIMATIC RF Manager family manage connected radio frequency identification (RFID) readers to SIMATIC S7 controllers. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Impact to individual organizations depends on many factors that are unique to each organization. This could impact the setup of systems in the critical manufacturing, health and healthcare, power generation and distribution, food and beverage, and chemical industries.
By exploiting this vulnerability, an attacker could execute remote code and could cause a denial of service of the RF Manager. A user would have to visit a malicious Web site on the system in which RF Manager is installed to exploit the vulnerability. The RF Manager uses ActiveX and this component can also be accessed within Internet browsers.