Siemens SIMATIC CP (Update A)
Monitor | 6.5 | ICS-CERT ICSA-21-257-06 | Sep 14, 2021
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
A cleartext vulnerability exists in the SIMATIC CP 1543-1 and CP 1545-1 communication processors that allows an attacker with network access to read sensitive information such as credentials and configuration data. This affects information confidentiality on devices used to manage networked industrial control systems. Siemens has released firmware updates (v3.0 for CP 1543-1, v1.1 for CP 1545-1) to address the issue.
What this means
What could happen
An attacker with network access to a Siemens SIMATIC CP communication processor could read sensitive information stored in cleartext, such as authentication credentials or configuration data, potentially compromising the integrity of networked automation systems.
Who's at risk
Facility automation and process control operations that rely on Siemens SIMATIC CP 1543-1 or CP 1545-1 communication processors for networked control, including water treatment facilities, power distribution systems, and industrial manufacturing plants using TIA Portal engineering environments.
How it could be exploited
An attacker on the same network segment as a vulnerable SIMATIC CP 1543-1 or CP 1545-1 device could intercept or directly access cleartext data transmitted by or stored on the device without needing credentials or special knowledge of the device configuration.
Prerequisites
- Network access to the SIMATIC CP device on the same local network segment (AV:A)
- Device running affected firmware version (CP 1543-1 <V3.0 or CP 1545-1 <V1.1)
- No special credentials or authentication required
- Remotely exploitable (adjacent network access)
- No authentication required
- Low complexity attack
- Affects network-critical control system components
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
SIMATIC CP 1543-1 (incl. SIPLUS variants) | <V3.0 | 3.0
SIMATIC CP 1545-1 | <V1.1 | 1.1
Remediation & Mitigation
Do now
HARDENING: Restrict network access to the SIMATIC CP devices using firewall rules and network segmentation; allow communication only from authorized engineering workstations and control system networks
HARDENING: Isolate control system network containing the SIMATIC CP from the business network and the Internet
Schedule — requires maintenance window
Patching may require device reboot; plan for process interruption
SIMATIC CP 1545-1
HOTFIX: Update SIMATIC CP 1545-1 to firmware version 1.1 or later
All products
HOTFIX: Update SIMATIC CP 1543-1 (including SIPLUS variants) to firmware version 3.0 or later, then migrate the TIA Portal engineering project to v17 and recompile and download to the device
CVEs (1)