(Siemens SIPROTEC 4) While performing a security assessment for one of its clients in the critical infrastructure sector, Kaspersky Lab's Security Services team discovered a significant vulnerability.
CVE-2016-4785 vulnerability could allow an attacker to gain remote access to a limited amount of content on the device's memory from relay protection equipment. The vulnerability was reported to Siemens, the equipment supplier, and has already been repaired.
The vulnerability was discovered in the network module of the Siemens SIPROTEC 4 protection relay, a device widely used in the field of energy για την προστασία του δικτύου από βραχυκυκλώματα ή κρίσιμα φορτία ρεύματος. Μια επιτυχημένη επίθεση μέσω αυτής της ευπάθειας, θα επέτρεπε σ' έναν εισβολέα να διαβάσει από απόσταση μέρος του περιεχομένου της μνήμης της συσκευής, αλλά και να χρησιμοποιήσει τις πληροφορίες που μπορεί να αποσπάσει για περαιτέρω attacks.
Siemens has recognized the vulnerability and has released one advisory manual with useful instructions on actions to mitigate vulnerability and install updates. Kaspersky Lab urges security professionals working for organizations using this type of equipment to pay special attention to the manual and follow its recommendations.
“Finding vulnerabilities like this is not our primary job, but our experience shows that when we implement security assessment processes, it's almost inevitable that we'll find something. The end user of the products usually has nothing to do with the vulnerability itself, and faces the risk of an attack, even if the rest of their information infrastructure is organized and coordinated quite well. For this reason, it is our responsibility to report any weakness we encounter during duration της καθημερινή μας work. Αυτό είναι ένα βασικό μέρος της συνεισφοράς μας στην κοινότητα της ασφάλειας. Θα θέλαμε επίσης να ευχαριστήσουμε την ICS CERT για το συντονισμό της αποκάλυψης αυτής της ευπάθειας και τη Siemens για την ταχεία αντίδρασή της στο άκουσμα της είδησης», comments Sergey Gordeychik, Deputy CTO of Kaspersky Lab's Department of Services.
Over the past 12 months, Kaspersky Lab experts have uncovered more than 20 vulnerabilities in various hardware products and software – from household appliances to industrial control systems and vehicle and train routers.
Ο localization πιθανών αδυναμιών στις πληροφοριακές ή τις βιομηχανικές υποδομές είναι το βασικό πλεονέκτημα των Δοκιμών Διείσδυσης και των Υπηρεσιών Αξιολόγησης Ασφάλειας, που προσφέρονται μέσω των Kaspersky Security intelligence Services, the "family" of services available from Kaspersky Lab, with the aim of immediately providing know-how and expertise for business security.
This is a very broad set, including Security Training, Digital Signage and Threat Information.
These services help businesses to support all key aspects of digital resilience strategies, including preventing and identifying threats, responding to attacks and anticipating possible incidents. More information is available on its website Kaspersky Lab.
