OTPulse

Siemens and PKE SiNVR, SiVMS Video Server (Update A)

Act Now · CVSS 9.8 · ICS-CERT ICSA-19-344-02 · Dec 10, 2019
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Siemens SiNVR/SiVMS Video Server and SiNVR 3 Central Control Server contain improper authentication vulnerabilities (CWE-306, CWE-261) that allow unauthenticated remote attackers to read the user database and configuration files. The user database contains passwords in obfuscated cleartext. The vulnerability affects v5.0.0 and all versions of SiNVR 3 CCS. Siemens recommends updating to version 5.0.0 or later and applying network-level access controls to protect the server from unauthorized access.

What this means
What could happen
An attacker could read the complete SiNVR/SiVMS user database and extract all user passwords in a readable format, plus access configuration files that may contain additional sensitive information. This compromises authentication for all operators and engineers accessing the video surveillance and control system.
Who's at risk
Water authorities and electric utilities using Siemens SiNVR or PKE SiVMS video server systems for facility surveillance, access control, or security monitoring. Affects both Video Server installations and SiNVR 3 Central Control Server deployments used in security operations centers and control rooms.
How it could be exploited
An attacker with network access to the SiNVR/SiVMS server on ports 80/443 (HTTP/HTTPS) can issue unauthenticated requests to download the user database and configuration files without logging in, extracting credentials and system settings.
Prerequisites
  • Network access to SiNVR/SiVMS server HTTP/HTTPS ports (80, 443)
  • No authentication required
  • Vulnerability present in v5.0.0 and all versions before 5.0.0 (SiNVR 3 CCS)
Tags: remotely exploitable · no authentication required · low complexity · high CVSS score (9.8) · affects security system access control
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (3)
3 with fix
Product | Affected Versions | Fix Status
SiNVR/SiVMS Video Server: v5.0.0 and later is affected by CVE-2019-18340 | ≥ 5.0.0 (CVE-2019-18340) | 5.0.0
SiNVR 3 Central Control Server (CCS): all | all (see SSA-761844 and ICSA-21-103-10) | 5.0.0
SiNVR/SiVMS Video Server: All | < 5.0.0 | 5.0.0
Remediation & Mitigation

Do now
  • HARDENING: Apply network segmentation and firewall rules to restrict HTTP/HTTPS access to the SiNVR/SiVMS server to authorized engineering and administration networks only
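The "Do now" item restricts HTTP/HTTPS access to the server to authorized engineering and administration networks. The Python check below is an added example, not code from the OTPulse page or from Siemens: it audits that rule against flow records (source, destination, destination port) and reports every source that reached the server's ports 80 or 443 from outside the allowlisted networks. The server address, the authorized CIDRs, the record format and the sample records are all constructed assumptions.

```python
"""Audit the 'Do now' mitigation: only authorized engineering/administration
networks may reach the SiNVR/SiVMS server on HTTP/HTTPS (ports 80, 443).

Added example, not OTPulse or Siemens code. The server address, the
authorized CIDRs and the flow-record format below are constructed."""
import ipaddress
from dataclasses import dataclass
from typing import Iterable

# Constructed: address of the SiNVR/SiVMS Video Server being protected.
SINVR_SERVER = ipaddress.ip_address("10.20.30.40")

# Constructed: engineering and administration networks allowed to reach it.
AUTHORIZED_NETS = [
    ipaddress.ip_network("10.20.100.0/24"),  # engineering workstations
    ipaddress.ip_network("10.20.101.0/24"),  # administration jump hosts
]

# Ports the advisory names as the exposure: HTTP and HTTPS.
WEB_PORTS = {80, 443}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int


def parse_flow(line: str) -> Flow:
    """Parse one constructed flow record: '<src_ip> <dst_ip> <dst_port>'."""
    src, dst, dport = line.split()
    return Flow(src, dst, int(dport))


def is_authorized(src_ip: str) -> bool:
    """True if the source lies inside one of the allowlisted networks."""
    ip = ipaddress.ip_address(src_ip)
    return any(ip in net for net in AUTHORIZED_NETS)


def find_violations(lines: Iterable[str]) -> list[tuple[str, int]]:
    """Return sorted, de-duplicated (src_ip, dst_port) pairs that reached the
    server's web ports from outside the authorized networks. Records that
    target other hosts or other ports are out of scope and ignored."""
    violations: set[tuple[str, int]] = set()
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        flow = parse_flow(line)
        if ipaddress.ip_address(flow.dst) != SINVR_SERVER:
            continue
        if flow.dport not in WEB_PORTS:
            continue
        if not is_authorized(flow.src):
            violations.add((flow.src, flow.dport))
    return sorted(violations)


# Constructed sample records standing in for a firewall or NetFlow export.
SAMPLE_FLOWS = [
    "10.20.100.12 10.20.30.40 443",  # engineering host, allowed
    "10.20.200.15 10.20.30.40 443",  # plant-floor host, not allowed
    "192.168.5.7 10.20.30.40 80",    # office/IT host, not allowed
    "10.20.101.3 10.20.30.40 80",    # admin jump host, allowed
    "10.20.200.15 10.20.30.40 554",  # not a web port, out of scope
    "10.20.200.15 10.20.30.41 443",  # different server, out of scope
]

if __name__ == "__main__":
    for src, port in find_violations(SAMPLE_FLOWS):
        print(f"unauthorized access to SiNVR server port {port} from {src}")
```

In practice the records come from the boundary firewall or a flow collector, and the allowlist should be the same one encoded in the firewall rule, so any reported source is either a gap in the rule or an unauthorized path to the server that the segmentation was meant to close.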
Schedule — requires maintenance window
  Patching may require device reboot — plan for process interruption
  • HOTFIX: Update SiNVR/SiVMS Video Server to version 5.0.0 or later

Long-term hardening
  • HARDENING: Follow Siemens operational guidelines for industrial security and implement environment protection mechanisms around the SiNVR/SiVMS deployment