OTPulse

Siemens Products using TightVNC (Update A)

Act Now | CVSS 9.8 | ICS-CERT ICSA-20-343-08 | Dec 8, 2020
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Multiple Siemens HMI Comfort Panels, KTP Mobile Panels, ITC industrial thin clients, and WinCC Runtime products were initially listed as affected by TightVNC (V1.x) vulnerabilities that could allow remote code execution and denial-of-service attacks. Following further investigation, Siemens determined that none of the previously listed products is affected by any of the vulnerabilities described in this advisory. This advisory serves as a retraction of the earlier claims.

What this means
What could happen
Siemens has determined that none of the previously listed products are actually affected by the TightVNC vulnerabilities described in this advisory. No impact to operations is expected from these particular vulnerabilities.
Who's at risk
This advisory covers multiple Siemens HMI panels (Comfort and KTP Mobile) and industrial thin clients (ITC series), as well as WinCC Runtime software used in manufacturing and process control environments. However, Siemens has retracted the vulnerability claim and confirmed these products are not affected.
How it could be exploited
This advisory has been retracted. Siemens' investigation confirmed that the listed products do not contain the vulnerable TightVNC code, so the attack path described in the original advisory does not apply.
Prerequisites
  • Not applicable—the products are not affected.
Advisory retracted by vendor; no actual vulnerability in listed products
Exploitability
Moderate exploit probability (EPSS 2.6%)
Affected products (11)
11 pending
Product | Affected Versions | Fix Status
SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) | All versions | No fix yet
SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) | All versions | No fix yet
SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F | All versions | No fix yet
SIMATIC ITC1500 V3.1 | All versions | No fix yet
SIMATIC ITC1500 V3.1 PRO | All versions | No fix yet
SIMATIC ITC1900 V3.1 | All versions | No fix yet
SIMATIC ITC1900 V3.1 PRO | All versions | No fix yet
SIMATIC ITC2200 V3.1 | All versions | No fix yet
Remediation & Mitigation
Long-term hardening
  • HARDENING: Review Siemens Security Advisory SSA-478893 for context on this retraction and any related security updates.
  • HARDENING: Implement network segmentation and access controls to HMI and ITC devices as a general security best practice, following Siemens operational security guidelines.