(Siemens SIPROTEC 4) While performing a security assessment for one of its clients in the critical infrastructure sector, the Kaspersky Lab Security Services team discovered a significant vulnerability.
The vulnerability, CVE-2016-4785, could allow an attacker to remotely read a limited amount of the memory content of protection relay equipment. It was reported to Siemens, the equipment supplier, and has already been fixed.
The vulnerability was discovered in the network module of the Siemens SIPROTEC 4 protection relay, a device widely used in the energy sector to protect the grid from short circuits or critical current loads. A successful attack through this vulnerability would allow an intruder to remotely read part of the device's memory contents and to use the extracted information for further attacks.
Siemens has acknowledged the vulnerability and released an advisory with instructions on mitigating it and installing updates. Kaspersky Lab urges security experts working for organizations that use this type of equipment to pay particular attention to the advisory and follow its recommendations.
“Finding vulnerabilities like this is not our primary job, but our experience shows that when we implement security assessment processes, it's almost inevitable that we'll find something. The end user of the products usually has nothing to do with the vulnerability itself, and faces the risk of an attack, even if the rest of their information infrastructure is organized and coordinated quite well. For this reason, it is our responsibility to report any weakness we encounter during our daily work. This is a key part of our contribution to the security community. We would also like to thank ICS CERT for coordinating the disclosure of this vulnerability and Siemens for their swift response upon hearing the news,” comments Sergey Gordeychik, Deputy CTO of Kaspersky Lab's Department of Services.
Over the past 12 months, Kaspersky Lab experts have uncovered more than 20 vulnerabilities in various hardware and software products, from home appliances to industrial control systems and routers for vehicles and trains.
Identifying potential weaknesses in information or industrial infrastructures is the main advantage of the Penetration Testing and Security Assessment Services offered through Kaspersky Security Intelligence Services, Kaspersky Lab's "family" of services aimed at providing immediate expertise for business security.
This is a very broad set, including Security Training, Digital Signage and Threat Information.
These services help businesses support all key aspects of a digital resilience strategy, including preventing and identifying threats, responding to attacks and anticipating possible incidents. More information is available on the Kaspersky Lab website.