From Siemens on S7 Vulnerabilities #siemens #cybersecurity #stuxnet #malware #pauto #mfg #manufacturing

June 13, 2011

I just received the following release from Mike Krampe at Siemens:

Update on S7 Vulnerabilities    (Status June 13, 2011)

Despite recent news reports, Siemens latest software vulnerabilities are not caused by malware (like Stuxnet), but by a weakness in communication functions of its Programmable Logic Controller (PLC) product, called S7-1200. The vulnerability was discovered by an NSS Labs researcher and resulted in an ICS-CERT security advisory.

I just received the following release from Mike Krampe at Siemens:

Update on S7 Vulnerabilities    (Status June 13, 2011)

Despite recent news reports, Siemens latest software vulnerabilities are not caused by malware (like Stuxnet), but by a weakness in communication functions of its Programmable Logic Controller (PLC) product, called S7-1200. The vulnerability was discovered by an NSS Labs researcher and resulted in an ICS-CERT security advisory.

On Friday, June 10, Siemens released a firmware update of its S7-1200 PLC that eliminates vulnerabilities and improves the security and robustness of its S7-1200 product family. To download the firmware and to obtain more detailed information, please visit: www.siemens.com/networkbehavior-S7-1200.

At this point, Siemens is not aware of any customers affected by the identified weak points found in its S7-1200 PLCs. The company would like to emphasize that it is fully committed to maintaining the highest quality products with the most stringent security standards. Siemens experts have been working closely with ICS-CERT and various user communities to continuously improve the Siemens industrial controller products. Siemens continues to recommend to all its customers that they implement the appropriate security measures (e.g. firewall, secure switches and gateways) in their facilities that are typically separate from the actual PLCs. Find more info at www.siemens.com/industrialsecurity.

As a further precaution, Siemens controllers, including the S7-300/400 families, are being tested against the discovered vulnerability scenarios. Today, Siemens can already exclude any vulnerability of the S7-300/400 against the “denial of service” scenario. Ongoing and extensive tests of further security scenarios are currently underway in our R&D labs. Depending on the results of those tests, the company will react accordingly. If any customers have concerns that an unauthorized person has been able to record an online communication between the engineering PC and the PLC, the company recommends an immediate change to the PLC password.

Sponsored Recommendations

IEC 62443 4-1 Cyber Certification – Why ML 3 is So Important

The IEC 62443 Security for Industrial Automation and Control Systems - Part 4-1: Secure Product Development Lifecycle Requirements help increase resilience for control systems...

Multi-Server SCADA Maintenance Made Easy

See how the intuitive VTScada Services Page ensures your multi-server SCADA application remains operational and resilient, even when performing regular server maintenance.

Your Industrial Historical Database Should be Designed for SCADA

VTScada's Chief Software Architect discusses how VTScada's purpose-built SCADA historian has created a paradigm shift in industry expectations for industrial redundancy and performance...

Linux and SCADA – What You May Not Have Considered

There’s a lot to keep in mind when considering the Linux® Operating System for critical SCADA systems. See how the Linux security model compares to Windows® and Mac OS®.