OTPulse
FeedAboutContact

Local Privilege Escalation Vulnerability in Spectrum Power 7

Plan Patch8.2SSA-357182Sep 14, 2023
Attack VectorLocal
Auth RequiredHigh
ComplexityLow
User InteractionNone needed
Summary

Spectrum Power 7 is affected by a local privilege escalation vulnerability that allows an authenticated local attacker to inject arbitrary code into the update script. An attacker with local access and elevated privileges (but not admin) could modify the update mechanism to execute unauthorized commands with higher privileges on the system.

What this means
What could happen
An authenticated user with high privileges on a Spectrum Power 7 workstation could escalate to full administrative control, allowing them to modify power system configuration, disable monitoring, or shut down critical control functions.
Who's at risk
Energy utility operators and power system engineers who use Spectrum Power 7 for monitoring and control of electrical distribution networks should prioritize this update. This affects SCADA/EMS (Energy Management System) workstations in control centers and engineering stations.
How it could be exploited
An attacker must first have local access to the Spectrum Power 7 system and existing elevated (but not admin) user credentials. They then inject malicious code into the update script during the software update process, which executes with administrative privileges when the update runs, giving the attacker full system control.
Prerequisites
  • Local access to the Spectrum Power 7 workstation
  • Valid user account with high privileges (but not full admin rights)
  • Update process must be initiated or scheduled
Requires high privileges to exploitLocal access onlyAffects power system control softwareActively patched by vendor
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
Spectrum Power 7< V23Q323Q3
Remediation & Mitigation
0/4
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Spectrum Power 7 to version V23Q3 or later
HOTFIXFor versions prior to V23Q3, contact Siemens customer support for patching options or interim guidance
Long-term hardening
0/2
HARDENINGRestrict local access to Spectrum Power 7 workstations to authorized personnel only
HARDENINGImplement role-based access control to limit the number of users with high (but not admin) privileges on power system workstations
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/5571fbee-7be0-4716-9615-cba5ea692686