Siemens and Schneider Electric on Tuesday released a total of 16 advisories addressing well over 200 vulnerabilities affecting their industrial products.
Siemens
Siemens has released a dozen new advisories covering a total of roughly 200 vulnerabilities. A vast majority of these flaws impact third party components.
The industrial giant has informed customers about 108 Linux kernel vulnerabilities affecting Simatic S7-1500, specifically the TM multifunctional platform (MFP). The company is preparing patches for the flaws and in the meantime it has provided workarounds and mitigations.
Siemens has also notified customers about 54 vulnerabilities found in the BIOS of the same product. The security holes impact various third-party components, including the Linux kernel, libraries, BusyBox, and Intel processors. Patches are being prepared for these vulnerabilities as well.
A separate advisory describes nearly two dozen bugs in Sinamics medium voltage products. The issues impact third-party components and fixes have been released.
In addition, Siemens has resolved critical remote code execution vulnerabilities in the Simatic Step 7 product and Sicam Q200 devices.
A few high-severity flaws have been patched by the company in Solid Edge, Simatic WinCC, Teamcenter Visualization and JT2Go, and Sicam A8000 products. The security holes can lead to arbitrary code execution, DoS attacks, privilege escalation, and unauthorized access.
Siemens has also informed customers about medium-severity flaws in TIA Portal (project file encryption issue), Simotion (configuration data exposure), and Simatic WinCC (authentication and encryption issues).
Schneider Electric
Schneider Electric has released four new advisories covering a total of five vulnerabilities.
One of the advisories informs customers about two high-severity flaws affecting its Foxboro distributed control system (DCS). An attacker can exploit them for DoS attacks, privilege escalation, and kernel code execution.
In addition, the Foxboro SCADA product is affected by a flaw that exposes cleartext credentials. The issue exists in the Aveva InTouch component, where it was originally patched back in 2021.
Schneider has also warned organizations that attackers could achieve arbitrary code execution by exploiting vulnerabilities in its EcoStruxure Operator Terminal Expert, Pro-face BLUEm and the IGSS (Interactive Graphical SCADA System) products. Exploitation involves tricking the targeted user into opening a specially crafted project file.
Related: ICS Patch Tuesday: Siemens, Schneider Electric Address Few Dozen Vulnerabilities
Related: Critical Siemens RTU Vulnerability Could Allow Hackers to Destabilize Power Grid