Siemens and Schneider Electric’s Patch Tuesday advisories for May 2023 address several vulnerabilities discovered in their products. Siemens has issued six new advisories, detailing 26 vulnerabilities. Two critical flaws in Siveillance Video products can be exploited for authenticated remote code execution. The Scalance local processing engine (LPE) is affected by one critical and four low-severity issues, which can be used to access the underlying operating system with elevated privileges, access data, and cause a DoS condition. Various critical and high-severity vulnerabilities have been patched in third-party components utilized by the Sinec network management system.
Issues related to command injection, hardcoded credentials, path traversal, information access, and DoS have been resolved in the Simatic Cloud Connect 7 IoT gateway. Siemens has also fixed several vulnerabilities that can be exploited using specially crafted files for code execution, information disclosure, and DoS attacks in Solid Edge tools. Furthermore, the company has informed customers about a Wi-Fi client isolation bypass attack that allows an attacker to intercept traffic at the MAC layer. This issue affects Scalance devices, but a fix has not been released yet. For all other vulnerabilities, Siemens has provided patches.
Schneider Electric has published four new advisories, describing six vulnerabilities. One advisory covers a high-severity vulnerability affecting PowerLogic power meters, which allows an attacker who can intercept network traffic to obtain sensitive information, modify data, or cause a DoS condition. Another advisory informs customers about an OPC Factory Server vulnerability that can be exploited to obtain sensitive information.
Two of the Schneider advisories inform customers about vulnerabilities affecting Aveva products, which were acquired by Schneider earlier this year. Aveva published its own advisories for the vulnerabilities, including critical and high-severity issues, in March. The French industrial giant also recently notified customers about the public availability of a PoC exploit targeting KNX home and building automation systems. The PoC exploit, published in March, impacts the company’s spaceLYnk, Wiser for KNX, and FellerLYnk products. The exploit targets two known vulnerabilities: CVE-2022-22809, addressed by the vendor in February 2022, and CVE-2020-7525, addressed in August 2020. Schneider issued a warning over KNX attacks in 2021 and now says, “this new exploit brings further attention to the recommended mitigations in that security bulletin”.