OTPulse
FeedAboutContact

Siemens SIPORT MP

Monitor6.5ICS-CERT ICSA-20-042-08Feb 11, 2020
Attack VectorNetwork
Auth RequiredHigh
ComplexityLow
User InteractionNone needed
Summary

Siemens SIPORT MP versions prior to 3.1.4 contain a vulnerability that allows an authenticated user with administrative privileges to read sensitive data and modify system configuration without proper authorization controls. The vulnerability could allow unauthorized changes to system settings or disclosure of sensitive operational information. CWE-778 (Insufficient Logging).

What this means
What could happen
An attacker with administrative credentials could read sensitive system data or modify system configuration on the SIPORT MP, potentially disrupting port authority operations or compromising system integrity.
Who's at risk
This vulnerability affects Siemens SIPORT MP systems, which are communication and management platforms for port authority and maritime operations. Any port authority or maritime facility using SIPORT MP for vessel traffic management, berth operations, or port logistics should assess this risk.
How it could be exploited
An attacker with administrative access to the SIPORT MP (e.g., through compromised credentials or network access to the management interface) can exploit this vulnerability to read or modify system data without proper authorization controls. The vulnerability requires administrative privilege, so exploitation is possible if an admin account is compromised or if the device is exposed to an untrusted network.
Prerequisites
  • Administrative credentials for SIPORT MP
  • Network access to the SIPORT MP management interface
remotely exploitablerequires administrative credentialsmedium CVSS score (6.5)affects confidentiality and integrity
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
ProductAffected VersionsFix Status
SIPORT MP: All<3.1.43.1.4
Remediation & Mitigation
0/6
Do now
0/2
WORKAROUNDFor SIPORT MP 2.2 or later: run the SIPORT_CleanUsers tool to remove unauthorized user accounts
HARDENINGRestrict network access to SIPORT MP management interface using firewall rules; block access from untrusted networks and the Internet
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SIPORT MP to version 3.1.4 or later
HOTFIXFor SIPORT MP 3.0.x systems: apply the latest hotfix for Version 3.0.3
Long-term hardening
0/2
HARDENINGIsolate SIPORT MP on a protected control network segment separate from business IT networks
HARDENINGIf remote access to SIPORT MP is required, use a VPN with current security patches
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/4ae3128d-c6d6-4d7a-81e3-6cc4e92df3bc
Siemens SIPORT MP | CVSS 6.5 - OTPulse