ICS: Siemens SIMATIC Vulnerability

Severity

High

Analysis Summary

CVE-2023-50763

Siemens SIMATIC CP, SIPLUS ET, TIM are vulnerable to a denial of service, caused by an infinite loop when processing incomplete certificate chains. By persuading a victim to parse a specially crafted certificate file, a remote attacker could exploit this vulnerability to cause a denial of service.

Impact

Denial of Service

Indicators of Compromise

CVE

CVE-2023-50763

Affected Vendors

Siemens

Affected Products

Siemens SIMATIC CP 1542SP-1
Siemens SIMATIC CP 1543SP-1
Siemens SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL
Siemens SIPLUS TIM 1531 IRC
Siemens TIM 1531 IRC

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.

Siemens Security Advisory

APT Group Gamaredon aka Shuckworm – Active IOCs

CVE-2024-32896 – Google Android Vulnerability Exploit in the Wild

ICS: Siemens SIMATIC Vulnerability

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan