Experts at Positive Technologies recently discovered security vulnerabilities in Siemens SIMATIC WinCC Open Architecture, a new SCADA system used to automate the operation of large and complex critical infrastructures including airports, oil and gas pipelines, highways and even particle accelerators. Positive Technologies found that, by exploiting these vulnerabilities, an attacker could cause a denial of service, control applications remotely or access sensitive information. As a result of these findings, Siemens issued updates to SIMATIC WinCC that eliminate these security risks. Positive Technologies’ experts Gleb Gritsai, Ilya Karpov and Kirill Nesterov discovered the following vulnerabilities: CVE-2014-1697, CVE-2014-1698, CVE-2014-1699, and CVE-2014-1696.
Siemens recommends updating to SIMATIC WinCC OA v3.12 and installing the patch SIMATIC WinCC OA v3.12 P002 January in order to remove the defects.
SIMATIC WinCC Open Architecture (OA) is a part of the Siemens HMI set of products for creating a human-machine interface and is used in various industries. WinCC OA is used to operate the West-East Pipeline (the world's longest pipeline), St. Gotthard Tunnel (Switzerland), Sitina Tunnel (Slovakia), Zurich and Geneva airports, as well as many liquid helium and water supply plants around the world.
WinCC OA plays an important role in the field of research as well. Karlsruhe research center, the University of Bonn, the National Center of Oncological Hadrontherapy (CNAO) and hundreds of other scientific institutes use the system in their studies. CERN uses WinCC OA to control the most critical operations within the Large Hadron Collider.
“Due to technical architectures of SCADA systems, they are still not as secure as traditional corporate applications. However, over time, the security level of SCADA systems will improve due to the collaboration between organizations like Siemens CERT and security experts like Positive Technologies. Each new analysis of ICS brings higher security quality to automated systems and makes it more difficult for hackers to find and exploit vulnerabilities,” says Gleb Gritsai, the head of Penetration Testing at Positive Technologies.
Positive Technologies is recognized as a leading authority on industrial control systems (ICS) security and has been working in cooperation with leading ICS vendors for many years. Our research, like “SCADA Safety in Numbers,” has dramatically increased awareness about the security risks associated with ICS equipment. Recently, to demonstrate this research, Positive Technologies constructed Choo Choo Pwn, a large-scale railway simulation whose components were controlled by an ICS modeled after three real-world SCADA systems.
About Positive Technologies
Positive Technologies is a leading provider of vulnerability assessment, compliance management and threat analysis solutions to more than 1,000 global enterprise clients. Our solutions work seamlessly across your entire business: securing applications in development; assessing your network and application vulnerabilities; assuring compliance with regulatory requirements; and blocking real-time attacks. Our commitment to clients and research has earned Positive Technologies a reputation as one of the foremost authorities on SCADA, Banking, Telecom, Web Application and ERP security, and distinction as the #1 fastest growing Security and Vulnerability Management firm in 2012, as shown in an IDC report*. To learn more about Positive Technologies please visit www.ptsecurity.com.
*Source: IDC Worldwide Security and Vulnerability Management 2013-2017 Forecast and 2012 Vendor Shares, doc #242465, August 2013. Based on year-over-year revenue growth in 2012 for vendors with revenues of $20M+