OTPulse

Siemens OZW672 and OZW772

Monitor | CVSS 7.4 | ICS-CERT ICSA-17-187-01 | Jul 6, 2017
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

Siemens OZW672 and OZW772 contain a vulnerability involving weak or missing authentication mechanisms (CWE-306). The vulnerability is remotely exploitable with low complexity and requires no prior authentication (PR:N). All versions are affected.

What this means
What could happen
An attacker could remotely access OZW672 or OZW772 devices without authentication and potentially read sensitive information or modify device configuration. This could disrupt HVAC automation and control logic in buildings served by these outdoor units.
Who's at risk
HVAC contractors and facility managers operating buildings with Siemens OZW672 or OZW772 outdoor unit controllers should implement compensating controls immediately, as these devices have no authentication protecting remote access. This affects any organization relying on these outdoor units for air handling and climate control.
How it could be exploited
An attacker with network access to the OZW672/OZW772 device could interact directly with the device's remote interface without providing credentials, allowing them to query device state and potentially modify settings. The remote network path and lack of authentication checks make this straightforward to exploit.
Prerequisites
  • Network access to the OZW672 or OZW772 device on ports used for remote management
  • No authentication required
remotely exploitable, no authentication required, low complexity, no patch available
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (2)
2 EOL
Product | Affected Versions | Fix Status
OZW672: All versions | All versions | No fix (EOL)
OZW772: All versions | All versions | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Implement network segmentation to restrict access to OZW672 and OZW772 devices from untrusted networks. Only allow access from authorized HVAC management workstations.
WORKAROUND: Deploy firewall rules to block inbound access to OZW672 and OZW772 remote management ports from networks outside your critical infrastructure zone.
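One way to confirm that the segmentation and firewall rules above are holding, as an added example that is not part of the advisory or any vendor material: audit firewall or flow logs for accepted connections to the controllers from sources other than the authorized management workstations. The log format, addresses and ports are constructed assumptions; the advisory does not name the management ports, so take them from your own inventory.

```python
import ipaddress

# Constructed placeholders: replace with values from your own asset inventory.
OZW_DEVICES = {ipaddress.ip_address("10.20.30.11"), ipaddress.ip_address("10.20.30.12")}
MGMT_WORKSTATIONS = [ipaddress.ip_network("10.20.40.0/28")]  # authorized HVAC workstations
MGMT_PORTS = {80, 443}  # assumed management ports, not taken from the advisory

# Constructed sample log, one flow per line: src_ip dst_ip dst_port action
SAMPLE_FLOWS = """\
# src_ip dst_ip dst_port action
10.20.40.5 10.20.30.11 443 ACCEPT
192.0.2.77 10.20.30.11 443 ACCEPT
10.50.1.9 10.20.30.12 80 ACCEPT
192.0.2.77 10.20.30.12 80 DROP
10.20.40.6 10.20.30.12 8080 ACCEPT
10.50.1.9 10.20.99.1 443 ACCEPT
not a flow line
"""

def audit_flows(text):
    """Return (findings, skipped). A finding is an accepted flow to a controller's
    management port whose source is outside the authorized workstation ranges."""
    findings, skipped = [], 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            src, dst, port, action = line.split()
            src, dst, port = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
        except ValueError:
            skipped += 1  # count malformed lines so gaps in the log are visible
            continue
        if dst not in OZW_DEVICES or port not in MGMT_PORTS:
            continue  # not a management flow to a controller
        if action.upper() != "ACCEPT":
            continue  # the firewall blocked it, which is the intended outcome
        if any(src in net for net in MGMT_WORKSTATIONS):
            continue  # authorized management workstation
        findings.append((str(src), str(dst), port))
    return findings, skipped

if __name__ == "__main__":
    hits, bad = audit_flows(SAMPLE_FLOWS)
    for src, dst, port in hits:
        print(f"unauthorized path: {src} -> {dst}:{port}")
    print(f"{len(hits)} finding(s), {bad} unparseable line(s)")
```

Any finding means a rule gap: a network outside the allowed zone can still reach a controller's management interface.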
Long-term hardening
HOTFIX: Monitor Siemens Security Advisory SSA-563539 for vendor updates or patches when they become available.
Siemens OZW672 and OZW772 | CVSS 7.4 - OTPulse