Rewterz

Rewterz Threat Alert – New JavaScript Skimmer Found on Ecommerce Sites

November 18, 2019
Rewterz

Rewterz Threat Alert – A New Multiplatform Backdoor Targeting Linux

November 19, 2019

Rewterz Threat Advisory – CVE-2019-13945 – ICS: Undocumented access feature in Siemens SIMATIC PLCs Code Execution Vulnerability

Severity

Medium

Analysis Summary

There is an access mode used during manufacturing of S7-1200 CPUs that allows additional diagnostic functionality. Using this functionality requires physical access to the UART interface during boot process.

Impact

Execution arbitrary code

Affected Vendors

Siemens

Affected Products

SIMATIC S7-1200 All versions

Remediation

Apply in depth defense:

https://assets.new.siemens.com/siemens/assets/api/uuid:411e91564a2d259ecd4b6c79b51f89c044b3de81/operational-guidelines-industrial-security-en.pdf

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.