Rewterz

Rewterz Threat Advisory – Adobe Releases Patches for 25 Security Vulnerabilities

December 11, 2019
Rewterz

Rewterz Threat Alert – Office 365 App Phishing Campaign

December 12, 2019

Rewterz Threat Advisory – Siemens SCALANCE W700 and W1700 Information Exposure Vulnerability

Severity

Medium

Analysis Summary

An improper enforcement of message integrity during transmission in a communication channel vulnerability is found in the Siemens SCALANCE W700 and W1700 wireless communication devices.

Under certain conditions, the integrity of EAPOL-key messages might not be checked, leading to a decryption oracle. This could be exploited by an attacker within range of the access point, which could allow the abuse of the vulnerability to access confidential data. CVE-2018-14526 has been assigned to this vulnerability.

Impact

Exposure of sensitive information

Affected Vendors

Siemens

Affected Products

  • SCALANCE W700 Versions 6.3 and prior
  • SCALANCE W1700 Versions 1.0 and prior

Remediation

Apply the following updates:

  • SCALANCE W700: Update to v6.4 or later
  • SCALANCE W1700: Update to v1.1 or later

    Additionally:
  • Whenever possible, use AES-CCMP instead of TKIP in the WPA/WPA2 networks. This can be configured for both the SCALANCE W-700 and W-1700 families over the Web Based Management (web server). 
  • Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
  • Locate control system networks and remote devices behind firewalls, and isolate them from the business network.
  • When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.