Critical Vulnerabilities in Rockwell Automation, Siemens and Viessmann Products
Top Vulnerabilities of the Week: Critical Flaws in Rockwell Automation, Siemens and Viessmann
CRIL Research Lab reported several vulnerabilities identified between September 10 and 16. CISA released 29 security advisories, including serious vulnerabilities found in products from Rockwell Automation, Siemens and Viessmann.
This is a critical vulnerability in Rockwell Automation FactoryTalk View Site Edition prior to version 14.0, with a CVSS score of 9.8. Exploitation requires network access, but does not require privileges or user interaction.
Mitigation: Updating the software resolves the issue. Use ODIN capabilities to assess and protect devices.
2. CVE-2024-35783: Execution with Excessive Privileges — Siemens
A critical vulnerability with a CVSS score of 9.1 was discovered in Siemens products, including SIMATIC. Exploitation is possible over the network but requires high privileges.
Mitigation: Updating the software resolves the vulnerability.
3. CVE-2023-44373: Improper Neutralization of Special Characters — Siemens
This vulnerability was discovered in Siemens devices where input fields are not properly sanitized. As a result, a remote attacker with administrative privileges may inject commands, execute code, or gain root-level access through a command injection attack.
Affected devices include Siemens RUGGEDCOM and SCALANCE product families.
Mitigation: Update the firmware to version 3.0.2 or later.
A critical vulnerability in the Device Token Handler component allows authorization to be bypassed.
Mitigation: Update Siemens Industrial Edge Management to versions 1.9.5 or 2.3.1-1 and later.
5. CVE-2023-46850: Use After Free — Siemens
This vulnerability affects OpenVPN versions 2.6.0–2.6.6 and may lead to memory leakage or remote code execution during the processing of network buffers.
The CVSS score is 9.8. Exploitation requires network access, but does not require privileges or user interaction.
Mitigation: Install the latest updates provided by Siemens to address the vulnerability.
6. CVE-2024-33698: Buffer Overflow — Siemens
A vulnerability in Siemens user management components may lead to a buffer overflow. The CVSS score is 9.8. Exploitation is possible over the network without special privileges.
Mitigation: Use port filtering and update the software.
7. CVE-2023-45852: Command Injection — Viessmann Climate Solutions SE
This vulnerability in the Viessmann Vitogate 300 firmware allows an unauthenticated attacker to inject commands through the `ipaddr` parameter, bypassing authentication.
The vulnerability has a CVSS score of 9.8, indicating critical severity.
Mitigation: Updating the firmware to the latest version resolves the vulnerability.
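The command injection class described in items 3 and 7 comes from request values reaching a shell unchanged. The sketch below is an added example, not vendor or advisory code: it contrasts that pattern with strict validation of an `ipaddr` value and shell-free execution. The `ping` diagnostic, the function names and the sample inputs are assumptions made for illustration.

```python
import ipaddress
import subprocess

# Hypothetical diagnostic command: the advisory does not say what the
# firmware does with `ipaddr`, so `ping` stands in for it here.
PING = ["ping", "-c", "1"]

def unsafe_command(ipaddr):
    """Vulnerable pattern: the request value is pasted into a shell string."""
    return "ping -c 1 " + ipaddr  # metacharacters survive into the shell

def parse_ipaddr(raw):
    """Return a canonical dotted-quad IPv4 string or raise ValueError."""
    # Only short strings are accepted; ints and bytes would otherwise be
    # interpreted by IPv4Address as packed addresses.
    if not isinstance(raw, str) or len(raw) > 15:
        raise ValueError("ipaddr must be a short string")
    # Rejects anything that is not four decimal octets: shell
    # metacharacters, whitespace, newlines, hostnames.
    return str(ipaddress.IPv4Address(raw))

def safe_argv(raw):
    """Build an argument vector; no shell ever parses the value."""
    return PING + [parse_ipaddr(raw)]

def run_diagnostic(raw, timeout=5):
    """Run the diagnostic only for validated input; None means rejected."""
    try:
        argv = safe_argv(raw)
    except ValueError:
        return None  # caller should log the request and answer with an error
    done = subprocess.run(argv, shell=False, capture_output=True, timeout=timeout)
    return done.returncode

def classify(samples):
    """Map each sample to its argv, or None when validation rejects it."""
    result = {}
    for sample in samples:
        try:
            result[sample] = safe_argv(sample)
        except ValueError:
            result[sample] = None
    return result

# Constructed sample inputs, not taken from any advisory or exploit.
SAMPLES = ["192.0.2.10", "192.0.2.10; reboot", "$(id)", "192.0.2.10\n"]

if __name__ == "__main__":
    for sample, argv in classify(SAMPLES).items():
        print(repr(sample), "->", argv if argv else "rejected")
```

Rejected values are worth logging with the source address, since they are a direct indicator of probing against the interface.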
8. CVE-2023-5222: Use of Hard-Coded Credentials — Viessmann
This critical vulnerability is related to the use of hard-coded passwords in the management interface, allowing remote exploitation of the system without privileges.
Mitigation: Public exploits are available, but the vendor has not yet responded.
The distribution of these vulnerabilities shows that most of the issues fall into critical and high-severity categories, especially in products from vendors such as Siemens and Rockwell Automation.
These vulnerabilities should be addressed as quickly as possible by applying patches and strengthening security measures. Organizations should pay particular attention to regular updates, security monitoring and risk management in order to protect their systems and critical infrastructure from potential threats.