As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: TeleControl Server Basic
- Vulnerabilities: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to read and write to the application’s database, cause a denial-of-service condition, and execute code in an OS shell.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
- TeleControl Server Basic: versions prior to V3.1.2.2
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND (‘SQL INJECTION’) CWE-89
The affected application is vulnerable to SQL injection through the internally used ‘CreateTrace’ method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and write to the application’s database
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: