OTORIO Research Team Finds Critical Vulnerability in Siemens PCS 7 System

A report by the OTORIO research team has revealed a Remote Code Execution (RCE) vulnerability affecting Siemens servers, including Simatic PCS 7. The RCE vulnerability was discovered in the WinCC OA component of the Simatic PCS 7 system, which is widely used in industrial control systems (ICS) across various industries. The discovery of this vulnerability highlights the importance of conducting comprehensive security assessments to identify potential security threats and to secure industrial control systems.

The Remote Code Execution (RCE) vulnerability could allow an attacker to remotely execute malicious code on the affected system, potentially giving them full control over the system. This can result in the attacker being able to manipulate and disrupt industrial processes, causing significant harm to the affected organization.

The OTORIO research team promptly reported the vulnerability to Siemens, which has since released a patch to address the issue. The US Cybersecurity and Infrastructure Security Agency (CISA) has also issued a warning to organizations using Siemens systems to apply the patch as soon as possible. CISA has advised that the vulnerability has a CVSS v3 base score of 9.8, which is rated as critical severity.

It is important for organizations using Siemens systems to take this vulnerability seriously and to apply the patch as soon as possible to prevent the potential for a malicious attack. The OTORIO research team’s discovery of the Remote Code Execution (RCE) vulnerability serves as a reminder of the need for organizations to be proactive in their security measures and to assess the security of their industrial control systems regularly.

The discovery of the Remote Code Execution (RCE) vulnerability by the OTORIO research team demonstrates the company’s commitment to providing security solutions for industrial control systems (ICS). OTORIO’s team of experienced security researchers is dedicated to identifying and addressing potential security threats, helping organizations to secure their critical infrastructure and ensure the safety and reliability of their industrial processes.

OTORIO is a technology company that provides security solutions for Operational Technology (OT) environments. The company has a vision of ensuring a safe, autonomous industrial world by solving real-world security challenges. OTORIO empowers operational and security teams to manage digital risks and build resilient operations through its technology-enabled ecosystem. Its global team consists of top nation-state cyber security experts and operational experts who have a passion for improving the safety and efficiency of operational processes.

OTORIO offers a variety of security solutions, including automated risk monitoring and management, automated security and compliance assessment, machine lifecycle risk management, secure remote access and OT security services. OTORIO's solutions are used by industries such as machine manufacturing, cyber consultants and auditors, maritime and commercial ports, food and beverage, pharmaceuticals, automotive, oil and gas, chemicals, and energy.

OTORIO's flagship product, RAM², is an OT security solution that provides continuous, proactive risk identification, reduction, and compliance audit. RAM² collects, analyzes, and enriches data from a variety of security and industrial sources in the OT environment, providing a comprehensive assessment of the security posture. It prioritizes risks based on the business impact of cyber-physical systems and provides practical and feasible mitigation playbooks tailored for the OT environment. RAM² reduces the amount of noise generated by existing security solutions and helps improve the mean time to detect (MTTD) and mean time to repair (MTTR) for risks.

RAM² is based on a proactive approach to risk identification and reduction and provides out-of-the-box compliance with regulatory standards and organizational policies. The platform has an unmatched integration capacity and provides mitigation playbooks, case management, and risk quantification. RAM² correlates information from multiple data sources to extend its insight capabilities and provide a correlated and contextualized attack vector analysis.

In conclusion, the discovery of the Remote Code Execution (RCE) vulnerability affecting Siemens servers, including Simatic PCS 7, highlights the importance of conducting comprehensive security assessments to identify potential security threats and to secure industrial control systems (ICS). Organizations using Siemens systems are advised to apply the patch as soon as possible to prevent the potential for a malicious attack. The discovery of this vulnerability by the OTORIO research team serves as a reminder of the need for organizations to be proactive in their security measures and to regularly assess the security of their industrial control systems (ICS).

For more information about the RCE vulnerability, please refer to the following:

  • The OTORIO blog post: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7
  • The CISA advisory: https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-10

Matan Dobrushin | Eran Jacob
