Siemens Desigo PXC (Update C)
Act Now · CVSS 9.8 · ICS-CERT ICSA-18-025-02B · Jan 24, 2018
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Siemens Desigo PXC/PXM controllers contain a vulnerability that allows a remote attacker to upload malicious firmware to the device without any prior authentication. The vulnerability affects multiple models and firmware versions across the PXC and PXM product lines.
What this means
What could happen
An attacker could upload malicious firmware to a Desigo controller over the network without credentials, gaining full control over the device and all connected building automation systems, HVAC, lighting, or other mechanical systems it manages.
Who's at risk
Building automation and facilities management teams. Any organization using Siemens Desigo PXC or PXM controllers for HVAC systems, lighting control, energy management, or other building systems should verify their firmware versions. This includes water authorities and utilities with building automation infrastructure, hospitals, schools, office buildings, and data centers.
How it could be exploited
An attacker with network access to the device can send a firmware upload request directly to the controller's management interface without providing authentication credentials. The device accepts the malicious firmware and loads it, allowing the attacker to execute arbitrary code on the controller.
Prerequisites
- Network access to the Desigo controller management interface (typically HTTP/HTTPS port)
remotely exploitable · no authentication required · low complexity · critical CVSS score (9.8) · affects building automation systems
Exploitability
Low exploit probability (EPSS 1.0%)
Affected products (44)
44 with fix
Product                     | Affected Versions | Fix Status
Desigo PXC00-E.D V4.10      | < V4.10.111       | 4.10.111
Desigo PXC00-E.D V5.00      | < V5.0.171        | 5.0.171
Desigo PXC00-E.D V5.10      | < V5.10.69        | 5.10.69
Desigo PXC00-E.D V6.00      | < V6.0.204        | 6.0.204
Desigo PXC00/64/128-U V4.10 | < V4.10.111       | 4.10.111
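As an added triage helper (not vendor tooling or code from this advisory page), the script below parses Desigo firmware strings and compares them against the fixed builds in the table above; it reports branches the table does not list as unknown rather than patched, since the page shows only 5 of the 44 affected products. The hostnames and models in the sample inventory are constructed.

```python
import re

# Branch (major, minor) -> first fixed build, copied from the Affected Products table
# above. The page lists only these branches; the full advisory covers 44 products, so
# a branch missing here is reported as unknown rather than as safe.
FIXED_BUILDS = {
    (4, 10): (4, 10, 111),
    (5, 0): (5, 0, 171),
    (5, 10): (5, 10, 69),
    (6, 0): (6, 0, 204),
}

_VERSION_RE = re.compile(r"^V?(\d+)\.(\d+)(?:\.(\d+))?$")

def parse_version(text):
    """Parse 'V4.10.111', '4.10.111' or a bare branch such as 'V5.00' into a tuple.
    A missing build number is treated as build 0, i.e. below every fixed build."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Desigo version string: {text!r}")
    major, minor, build = m.groups()
    return (int(major), int(minor), int(build) if build is not None else 0)

def is_vulnerable(version):
    """True if the firmware is on a listed branch and below its fixed build,
    False if at or above the fixed build, None if the branch is not in the table."""
    v = parse_version(version)
    fixed = FIXED_BUILDS.get(v[:2])
    if fixed is None:
        return None
    return v < fixed

def triage(inventory):
    """Map each (hostname, model, version) inventory row to a triage status string."""
    labels = {True: "VULNERABLE - schedule firmware update",
              False: "patched", None: "unknown branch - check vendor advisory"}
    return {host: labels[is_vulnerable(ver)] for host, _model, ver in inventory}

if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    sample = [
        ("ahu-ctl-01", "Desigo PXC00-E.D", "V4.10.100"),
        ("ahu-ctl-02", "Desigo PXC00-E.D", "V5.0.171"),
        ("lab-ctl-09", "Desigo PXC100-E.D", "V7.0.3"),
    ]
    for host, status in triage(sample).items():
        print(f"{host:12} {status}")
```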
Remediation & Mitigation
Do now
HARDENING: Restrict network access to Desigo controller management interfaces using firewall rules that allow only authorized engineering workstations and management systems
Schedule — requires maintenance window
Patching may require a device reboot; plan for process interruption
HOTFIX: Update Desigo PXC00-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC00/64/128-U controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC001-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC100-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC12-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC200-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC22-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC22.1-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC36.1-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXC50-E.D controllers to firmware version 4.10.111 or later
HOTFIX: Update Desigo PXM20-E controllers to firmware version 4.10.111 or later
Long-term hardening
HARDENING: Isolate Desigo controllers from the business network and place them behind firewalls to minimize Internet exposure
HARDENING: Use a VPN for any required remote access to Desigo controllers, and keep the VPN infrastructure updated to the latest version
CVEs (1)