OTPulse

Siemens SIMATIC and SIMIT

Monitor · CVSS 5.3 · ICS-CERT ICSA-24-193-07 · Jul 9, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Unified Automation .NET based OPC UA Server SDK before 3.2.2 is affected by a denial-of-service vulnerability similar to CVE-2023-27321 in the OPC Foundation UA .NET Standard implementation. A successful attack may lead to high load and memory exhaustion, blocking the OPC UA server. The vulnerability affects SIMATIC Energy Manager Basic and PRO (before V7.5), SIMATIC IPC DiagBase, SIMATIC IPC DiagMonitor, SIMIT V10, and SIMIT V11 (before V11.1).

What this means
What could happen
An attacker could exhaust memory and CPU on devices running the affected OPC UA server, causing the server to become unresponsive and blocking legitimate engineering communication or remote monitoring of your industrial process.
Who's at risk
Energy utilities and manufacturing plants that use Siemens SIMATIC Energy Manager (Basic or PRO) for power consumption monitoring, SIMATIC IPC DiagBase/DiagMonitor for diagnostics, or SIMIT for simulation and training should assess their exposure. This affects both active production systems and offline engineering environments.
How it could be exploited
An attacker with network access to the OPC UA server port can send specially crafted requests that drive memory allocation and CPU load until the server stops responding. No authentication is required, so anyone who can reach the port can trigger the condition.
Prerequisites
  • Network access to the OPC UA server port (typically 4840/TCP or configured alternate port)
  • OPC UA server must be enabled on the affected product
Tags: remotely exploitable · no authentication required · low complexity · affects monitoring and control system availability
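To check the first prerequisite during an exposure assessment (is an OPC UA listener actually reachable from a given network position?), the script below sends a single OPC UA Hello message and decodes the Acknowledge or Error reply. It is an added example for this page, not OTPulse's or Siemens' code; the default port 4840 and the opc.tcp endpoint URL form come from the OPC UA specification, not from the advisory, and the sample ACK/ERR bytes in the comments are constructed. It performs only the connection handshake and makes no attempt to reproduce the denial-of-service condition.

```python
"""Probe a host for an OPC UA server listener.

Added example for this advisory page; it is not OTPulse's or Siemens'
code. It implements only the connection-establishment step of the OPC UA
TCP binary protocol (Hello / Acknowledge / Error messages, OPC UA Part 6),
which is enough to confirm that an OPC UA server is reachable and therefore
in scope. It sends no further requests.
"""
import socket
import struct

DEFAULT_PORT = 4840  # registered OPC UA TCP port (assumed; products may use another)


def build_hello(endpoint_url: str, protocol_version: int = 0,
                receive_buffer: int = 65535, send_buffer: int = 65535,
                max_message: int = 0, max_chunks: int = 0) -> bytes:
    """Encode a HEL message.

    Layout: 3-byte type "HEL", 1-byte chunk type "F", UInt32 MessageSize
    (header included), then ProtocolVersion, ReceiveBufferSize,
    SendBufferSize, MaxMessageSize, MaxChunkCount (all UInt32) and the
    EndpointUrl as an OPC UA String (Int32 length prefix + UTF-8 bytes).
    All integers are little-endian.
    """
    url = endpoint_url.encode("utf-8")
    body = struct.pack("<IIIII", protocol_version, receive_buffer, send_buffer,
                       max_message, max_chunks)
    body += struct.pack("<i", len(url)) + url
    return b"HELF" + struct.pack("<I", 8 + len(body)) + body


def parse_reply(data: bytes) -> dict:
    """Decode a complete ACK or ERR message into a dict.

    Raises ValueError for a truncated or unexpected message so callers can
    treat it as "something answered, but not a well-behaved OPC UA server".
    Constructed sample: b"ACKF" + 28 as UInt32 + five UInt32 fields.
    """
    if len(data) < 8:
        raise ValueError("reply shorter than the 8-byte message header")
    msg_type, chunk = data[:3], data[3:4]
    size = struct.unpack_from("<I", data, 4)[0]
    if chunk != b"F" or size != len(data):
        raise ValueError("malformed header: chunk=%r size=%d received=%d"
                         % (chunk, size, len(data)))
    if msg_type == b"ACK":
        if len(data) < 28:
            raise ValueError("ACK body truncated")
        names = ("protocol_version", "receive_buffer", "send_buffer",
                 "max_message", "max_chunks")
        return {"type": "ACK",
                **dict(zip(names, struct.unpack_from("<IIIII", data, 8)))}
    if msg_type == b"ERR":
        if len(data) < 16:
            raise ValueError("ERR body truncated")
        code, reason_len = struct.unpack_from("<Ii", data, 8)
        # A negative length encodes a null OPC UA String.
        reason = "" if reason_len < 0 else data[16:16 + reason_len].decode("utf-8", "replace")
        return {"type": "ERR", "error": code, "reason": reason}
    raise ValueError("unexpected message type %r" % msg_type)


def probe(host: str, port: int = DEFAULT_PORT, timeout: float = 3.0) -> dict:
    """Connect, send HEL and return the parsed reply.

    A refused connection or timeout surfaces as OSError (nothing listening);
    a ValueError means something answered but not with a valid ACK/ERR.
    """
    url = "opc.tcp://%s:%d" % (host, port)
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_hello(url))
        head = b""
        while len(head) < 8:
            part = sock.recv(8 - len(head))
            if not part:
                raise ValueError("connection closed before a reply header arrived")
            head += part
        size = struct.unpack_from("<I", head, 4)[0]
        if size < 8 or size > 65535:
            raise ValueError("implausible MessageSize %d" % size)
        body = b""
        while len(body) < size - 8:
            part = sock.recv(size - 8 - len(body))
            if not part:
                break
            body += part
        return parse_reply(head + body)


if __name__ == "__main__":
    import sys
    for target in sys.argv[1:] or ["127.0.0.1"]:
        try:
            print(target, probe(target))
        except (OSError, ValueError) as exc:
            print(target, "no OPC UA server:", exc)
```

Run it once from a trusted engineering workstation (expect an ACK) and once from a host outside the allowlist after the network restriction from the hardening step is in place (expect a refused connection or timeout). An ERR reply still confirms a listener is present, since the server parsed the Hello before rejecting it. If a product is configured for an alternate port, pass that port instead of 4840.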
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (6): 3 with fix, 3 EOL

Product                        Affected versions   Fix status
SIMATIC Energy Manager Basic   < V7.5              Fixed in V7.5
SIMATIC Energy Manager PRO     < V7.5              Fixed in V7.5
SIMIT V11                      < V11.1             Fixed in V11.1
SIMATIC IPC DiagBase           All versions        No fix (EOL)
SIMIT V10                      All versions        No fix (EOL)
SIMATIC IPC DiagMonitor        All versions        No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Disable the OPC UA server in affected products if OPC UA is not actively used
HARDENING: Restrict network access to the OPC UA interface to only trusted engineering workstations and SCADA systems
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

SIMATIC Energy Manager Basic
  HOTFIX: Update SIMATIC Energy Manager Basic to version 7.5 or later
SIMATIC Energy Manager PRO
  HOTFIX: Update SIMATIC Energy Manager PRO to version 7.5 or later
SIMIT V11
  HOTFIX: Update SIMIT V11 to version 11.1 or later
Mitigations - no patch available
The following products have reached End of Life with no planned fix: SIMATIC IPC DiagBase, SIMIT V10, SIMATIC IPC DiagMonitor. For these, the "Do now" workaround (disable OPC UA where it is not needed) and network restriction apply permanently, together with the following compensating control:
HARDENING: Isolate industrial control networks from the business network using firewalls and air-gaps