(Siemens SIPROTEC 4) When performing an evaluation better safetyς για έναν από τους πελάτες της στον τομέα των κρίσιμων υποδομών, η ομάδα Υπηρεσιών Ασφάλειας της Kaspersky Lab ανακάλυψε μία σημαντική ευπάθεια.
CVE-2016-4785 Vulnerability could allow an attacker to remotely access a limited size of device memory content from the equipment protectionof relays. The vulnerability was reported to Siemens, the supplier of the equipment, and has already been patched.
The vulnerability was discovered in the network module of the Siemens SIPROTEC 4 protection relay, a device widely used in the energy sector to protect the network from short circuits or critical current loads. A successful attack through this vulnerability would allow an attacker to remotely read part of the device's memory content, but also use the information they can extract for further attacks.
Siemens has recognized the vulnerability and has released one advisory manual with useful instructions on actions to mitigate vulnerability and install updates. Kaspersky Lab urges security professionals working for organizations using this type of equipment to pay special attention to the manual and follow its recommendations.
“Finding vulnerabilities like this is not our primary job, but our experience shows that when we implement security assessment processes, it's almost inevitable that we'll find something. The end user of the products usually has nothing to do with the vulnerability itself, and faces the risk of an attack, even if the rest of their information infrastructure is organized and coordinated quite well. For this reason, it is our responsibility to report any weakness we encounter during our daily work. This is a key part of our contribution to the security community. We would also like to thank ICS CERT for coordinating the disclosure of this vulnerability and Siemens for their swift response upon hearing the news.” comments Sergey Gordeychik, Deputy CTO of Kaspersky Lab's Department of Services.
Over the past 12 months, Kaspersky Lab experts have uncovered more than 20 vulnerabilities in various products hardware and software – from household appliances to industrial control systems and vehicle and train routers.
Identifying potential weaknesses in IT or industry infrastructure is the key advantage of Penetration Testing and Security Assessment Services offered through Kaspersky Security Intelligence Services, the "family" of services available to Kaspersky Lab, with the aim of providing immediate know-how and specialization for business safety.
This is a very broad set, including Security Training, Digital Signage and Threat Information.
These services help businesses to support all key aspects of digital resilience strategies, including preventing and identifying threats, responding to attacks and anticipating possible incidents. More information is available on its website Kaspersky Lab.