Siemens September 2021 security updates

On 14 September 2021, Siemens published 21 new security advisories and updated 25 which had been previously released. Five of the fixed vulnerabilities are labelled Critical. We recommend installing the latest updates as soon as possible.

Details

• Among the 36 vulnerabilities fixed this month, two received a maximum CVSS v3.1 Base Score of 10.0:
  • CVE-2021-37181 affects the CCOM communication component used by Desigo CC, Desigo CC Compact and Cerberus danger management station (DMS). The application deserializes untrusted data without sufficient validation. Only those systems that use Windows App and/or IE XBAP Web Client are affected. A remote unauthenticated threat actor could send specially-crafted data to the application and execute arbitrary code in the affected system.
  • CVE-2021-31891 is a command injection vulnerability affecting several building management systems that use the Open Interface Services (OIS) application. An unauthenticated remote user could exploit this vulnerability to execute arbitrary code on vulnerable system(s) with root privileges.

• Other vulnerabilities that received a Critical rating are:
  • CVE-2021-27391, a buffer overflow vulnerability in the integrated web server of multiple APOGEE and TALON automation devices. It could allow an unauthenticated remote user to execute arbitrary code on the affected devices with root privileges. CVSS v3.1 Base Score: 9.8.
  • Multiple SmartVNC vulnerabilities in SIMATIC HMI/WinCC Products could allow remote code execution and denial-of-service attacks under certain conditions. One of the flaws is an out-of-bounds memory access issue tracked as CVE-2021-27384. It received a CVSS v3.1 Base Score of 9.8.
  • CVE-2021-37184, an authorization bypass vulnerability in Industrial Edge allows an unauthenticated user to change a password and impersonate any valid user on an affected system. CVSS v3.1 Base Score: 9.8.

Recommendations

• If you are using any of the vulnerable products, apply the latest updates as soon as possible.
• Follow recommended security practices for each product in the applicable Siemens advisory.

References

• Siemens Security Advisories