الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تم ارسال تقييمك بنجاح.
تحديثات Siemens
3690
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
9 سبتمبر, 2020
● عالي
2020-1744
الكل
الوصف:
أصدرت Siemens عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- Opcenter Execution Discrete
- Opcenter Execution Foundation
- Opcenter Execution Process
- Opcenter Intelligence
- Opcenter Quality
- Opcenter RD&L
- SIMATIC IT LMS
- SIMATIC IT Production Suite
- SIMATIC Notifier Server for Windows
- SIMATIC PCS neo
- SIMATIC STEP 7 (TIA Portal) V15
- SIMATIC STEP 7 (TIA Portal) V16
- SIMOCODE ES
- Soft Starter ES:
- Development/Evaluation Kits for PROFINET IO:
DK Standard Ethernet Controller - Development/Evaluation Kits for PROFINET IO:
EK-ERTEC 200 - Development/Evaluation Kits for PROFINET IO:
EK-ERTEC 200P - PROFINET Driver for Controller
- RUGGEDCOM RM1224
- SCALANCE M-800 / S615
- SCALANCE W700 IEEE 802.11n
- SCALANCE X-200 switch family (incl. SIPLUS NET variants)
- SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
- SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)
- SCALANCE XB-200, XC-200, XP-200, XF-200BA and XR-300WG
- SCALANCE XM-400 switch family
- SCALANCE XR-500 switch family
- SIMATIC ET200AL IM 157-1 PN
- SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants)
- SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants)
- SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)
- SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants)
- SIMATIC ET200S (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants)
- SIMATIC ET200ecoPN (except 6ES7141-6BG00- 0BB0, 6ES7141-6BH00-0BB0, 6ES7142-6BG00- 0BB0, 6ES7142-6BR00-0BB0, 6ES7143-6BH00- 0BB0, 6ES7146-6FF00-0AB0 and 6ES7148- 6JD00-0AB0):
- SIMATIC ET200pro, IM 154-3 PN HF
- SIMATIC ET200pro, IM 154-4 PN HF
- SIMATIC IPC Support, Package for VxWorks
- SIMATIC MV400 family
- SIMATIC NET CP 1616 and CP 1604
- SIMATIC NET CP 343-1 (incl. SIPLUS variants)
- SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants)
- SIMATIC NET CP 343-1 ERPC
- SIMATIC NET CP 343-1 LEAN (incl. SIPLUS variants)
- SIMATIC NET CP 443-1 (incl. SIPLUS variants)
- SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants)
- SIMATIC NET CP 443-1 OPC UA
- SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0
(incl. SIPLUS NET variant) - SIMATIC RF180C
- SIMATIC RF182C
- SIMATIC RF600 family
- SINAMICS DCP
- SOFTNET-IE PNIO
- RFID 181EIP
- SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)
- SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)
- SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants)
- SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants)
- SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F
- SIMATIC IPC DiagMonitor
- SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants)
- SIMATIC RF185C
- SIMATIC RF186C
- SIMATIC RF188C
- SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)
- SIMATIC S7-1500 Software Controller
- SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)
- SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)
- SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)
- SIMATIC S7-PLCSIM Advanced
- SIMATIC Teleservice Adapter IE Advanced
- SIMATIC Teleservice Adapter IE Basic
- SIMATIC Teleservice Adapter IE Standard
- SIMATIC WinAC RTX (F) 2010
- SIMATIC WinCC Runtime Advanced
- SIMOCODE pro V EIP (incl. SIPLUS variants)
- SIMOCODE pro V PN (incl. SIPLUS variants)
- SINAMICS G130 V4.6 Control Unit
- SINAMICS G130 V4.7 Control Unit
- SINAMICS G130 V4.7 SP1 Control Unit
- SINAMICS G130 V4.8 Control Unit
- SINAMICS G130 V5.1 Control Unit
- SINAMICS G130 V5.1 SP1 Control Unit
- SINAMICS G150 V4.6 Control Unit
- SINAMICS G150 V4.7 Control Unit
- SINAMICS G150 V4.7 SP1 Control Unit
- SINAMICS G150 V4.8 Control Unit
- SINAMICS G150 V5.1 Control Unit
- SINAMICS G150 V5.1 SP1 Control Unit
- SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)
- SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)
- SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)
- SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)
- SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)
- SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)
- SINAMICS S150 V4.6 Control Unit
- SINAMICS S150 V4.7 Control Unit
- SINAMICS S150 V4.7 SP1 Control Unit
- SINAMICS S150 V4.8 Control Unit
- SINAMICS S150 V5.1 Control Unit
- SINAMICS S150 V5.1 SP1 Control Unit
- SINAMICS S210 V5.1 Control Unit
- SINAMICS S210 V5.1 SP1 Control Unit
- SITOP Manager
- SITOP PSU8600
- SITOP UPS1600 (incl. SIPLUS variants)
- TIM 1531 IRC (incl. SIPLUS NET variants)
- Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller
- Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200
- Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P
- SIMATIC CFU PA
- SIMATIC ET200AL
- SIMATIC ET200M (incl. SIPLUS variants)
- SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants)
- SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants)
- SIMATIC ET200ecoPN (except 6ES7141-6BG00- 0BB0, 6ES7141-6BH00-0BB0, 6ES7142-6BG00- 0BB0, 6ES7142-6BR00-0BB0, 6ES7143-6BH00- 0BB0, 6ES7146-6FF00-0AB0 and 6ES7148- 6JD00-0AB0)
- SIMATIC ET200pro
- SIMATIC HMI KTP Mobile Panels
- SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)
- SIMATIC PROFINET Driver
- SIMATIC S7-1200 CPU family (incl. SIPLUS variants)
- SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)
- SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)
- SIMATIC TDC CP51M1
- SIMATIC TDC CPU555
- SINAMICS DCM
- SINAMICS G110M V4.7 PN Control Unit
- SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants)
- SINAMICS G150 Control Unit
- SINAMICS GH150 V4.7 Control Unit
- SINAMICS GL150 V4.7 Control Unit
- SINAMICS GM150 V4.7 Control Unit
- SINAMICS S110 Control Unit
- SINAMICS S150 Control Unit
- SINAMICS SL150 V4.7 Control Unit
- SINAMICS SM120 V4.7 Control Unit
- SINUMERIK 828D
- SINUMERIK 840D sl
- SIMATIC RTLS Locating Manager
- SIMATIC S7-400 CPU family (incl. SIPLUS variants):
- Polarion Subversion Webclient
- Information Server
- Process Historian (incl. Process Historian OPC UA Server)
- SIMATIC PCS neo
- SIMATIC WinCC OA
- SIMIT Simulation Platform
- SINEC INS
- SINEMA Remote Connect
- SPPA-S2000 (S7)
- SPPA-S3000
- SPPA-T3000
- SIMATIC Field PG M4
- SIMATIC Field PG M5
- SIMATIC Field PG M6
- SIMATIC IPC3000 SMART
- SIMATIC IPC347E
- SIMATIC IPC427D (incl. SIPLUS variants)
- SIMATIC IPC427E (incl. SIPLUS variants)
- SIMATIC IPC477D
- SIMATIC IPC477E
- SIMATIC IPC477E Pro
- SIMATIC IPC527G
- SIMATIC IPC547E
- SIMATIC IPC547G
- SIMATIC IPC627D
- SIMATIC IPC627E
- SIMATIC IPC647D
- SIMATIC IPC647E
- SIMATIC IPC677D
- SIMATIC IPC677E
- SIMATIC IPC827D
- SIMATIC IPC847D
- SIMATIC IPC847E
- SIMATIC ITP1000
- SIMOTION P320-4E
- SIMOTION P320-4S
- SINUMERIK 828D (PPU.4 / PPU1740)
- SINUMERIK 840D sl (NCU730.3B)
- SINUMERIK ONE (NCU1750 / NCU1760)
- SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants)
- SIMATIC HMI Comfort Panels (incl. SIPLUS variants)
- SIMATIC HMI Mobile Panels
- SIMATIC HMI United Comfort Panels
- Spectrum Power™ 4
- License Management Utility (LMU)
- Siveillance Video Client
- SCALANCE S602
- SCALANCE S612
- SCALANCE S623
- SCALANCE S627-2M
- SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
- OpenPCS 7 V8.1
- OpenPCS 7 V8.2
- OpenPCS 7 V9.0
- SIMATIC BATCH V8.1
- SIMATIC BATCH V8.2
- SIMATIC BATCH V9.0
- SIMATIC NET PC Software
- SIMATIC PCS 7 V8.1
- SIMATIC PCS 7 V8.2
- SIMATIC PCS 7 V9.0
- SIMATIC Route Control V8.1
- SIMATIC Route Control V8.2
- SIMATIC Route Control V9.0
- SIMATIC WinCC (TIA Portal) V13
- SIMATIC WinCC (TIA Portal) V14
- SIMATIC WinCC (TIA Portal) V15.1
- SIMATIC WinCC (TIA Portal) V16
- SIMATIC WinCC V7.3
- SIMATIC WinCC V7.4
- SIMATIC WinCC V7.5
- SIMATIC Automation Tool
- SIMATIC ProSave
- SIMATIC STEP 7
- SIMATIC STEP 7 (TIA Portal) V13
- SIMATIC STEP 7 (TIA Portal) V14
- SIMATIC STEP 7 (TIA Portal) V15
- SIMATIC STEP 7 (TIA Portal) V16
- SIMATIC WinCC OA V3.16
- SIMATIC WinCC OA V3.17
- SIMATIC WinCC Runtime Professional V13
- SIMATIC WinCC Runtime Professional V14
- SIMATIC WinCC Runtime Professional V15
- SIMATIC WinCC Runtime Professional V16
- SINAMICS STARTER commissioning tool
- SINAMICS Startdrive
- SINEC NMS
- SINEMA Server
- SINUMERIK ONE virtual
- SINUMERIK Operate
- RUGGEDCOM ROX II
- SCALANCE SC-600
- SCALANCE W1700 IEEE 802.11ac
- SCALANCE W700 IEEE 802.11a/b/g/n
- SIMATIC NET CP 1242-7
- SIMATIC NET CP 1243-1 (incl. SIPLUS variants)
- SIMATIC NET CP 1243-7 LTE EU
- SIMATIC NET CP 1243-7 LTE US
- SIMATIC NET CP 1243-8 IRC
- SIMATIC NET CP 1542SP-1
- SIMATIC NET CP 1542SP-1 IRC (incl. SIPLUS variants)
- SIMATIC NET CP 1543-1 (incl. SIPLUS variants)
- SIMATIC NET CP 1543SP-1 (incl. SIPLUS variants)
- SIMATIC RF186CI
- SIMATIC RF188CI
- SINEMA Remote Connect Server
- CloudConnect 712
- ROX II
- RUGGEDCOM APE1404 Linux
- RUGGEDCOM RX1400 VPE Debian Linux
- RUGGEDCOM RX1400 VPE Linux CloudConnect
- SCALANCE M875
- SCALANCE W1700
- SCALANCE WLC711
- SCALANCE WLC712
- SIMATIC CM 1542-1
- SIMATIC ITC1500
- SIMATIC ITC1500 PRO
- SIMATIC ITC1900
- SIMATIC ITC1900 PRO
- SIMATIC ITC2200
- SIMATIC ITC2200 PRO
- SIMATIC MV500
- SIMATIC NET CP 1623
- SIMATIC NET CP 1628
- SIMATIC NET CP 442-1 RNA
- SIMATIC NET CP 443-1 RNA
- SIMATIC RF600R
- SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (incl. SIPLUS variant)
- SINUMERIK 808D
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- هجمة حجب الخدمة (DoS attack) –عن بعد
- تنفيذ برمجيات خبيثة
- رفع الصلاحيات لزيادة قدرته على التعديل في النظام
- الكشف والإفصاح غير المصرح به للمعلومات
- هجمة البرمجة عبر المواقع ((Cross-site scripting (XSS)
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرت Siemens توضيحًا لهذه التحديثات:
- https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-251935.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-436520.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-455843.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-542525.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-568969.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-709003.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-770698.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-102233.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf
آخر تحديث في 9 سبتمبر, 2020
قيم المحتوى
شارك الصفحة
