OTPulse

Siemens PowerSys

Plan Patch
CVSS: 9.3
ICS-CERT ICSA-24-165-07
Jun 11, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

PowerSys before V3.11 contains an authentication bypass vulnerability (CWE-287) that allows a local attacker to gain administrative privileges for managed remote devices without valid credentials. This affects Siemens PowerSys used for managing energy infrastructure devices. Siemens has released version 3.11 with a fix.

What this means
What could happen
A local attacker could bypass authentication on PowerSys and gain administrative privileges to managed remote devices, potentially allowing them to alter device configuration or operations for connected energy infrastructure.
Who's at risk
Energy sector operators managing Siemens PowerSys infrastructure, including utility control centers and remote device management stations that rely on PowerSys for authentication to managed substations, RTUs, or other remote terminal equipment.
How it could be exploited
An attacker with local access to the PowerSys management system could exploit an authentication bypass to gain administrative privileges without credentials, then use those privileges to reconfigure or control connected remote devices.
Prerequisites
  • Local access to the PowerSys management system
  • PowerSys version prior to V3.11 must be installed
  • Local access required but no authentication needed
  • Low complexity attack
  • Affects administrative access to energy infrastructure
  • High CVSS score (9.3)
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product     Affected Versions     Fix Status
PowerSys    < V3.11               3.11
Remediation & Mitigation
Do now
HARDENING: Restrict local access to PowerSys management systems through physical and network access controls
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update PowerSys to version 3.11 or later
Long-term hardening
HARDENING: Place PowerSys and managed devices behind firewalls and isolate them from business networks
HARDENING: Implement network segmentation to ensure control system devices are not accessible from the internet