Detections
Analytics
Siemens SIMATIC and SCALANCE Products Encryption Strength (CVE-2023-0464)
high Tenable OT Security Plugin ID 502324
Synopsis
The remote OT asset is affected by a vulnerability.Description
A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.Policy processing is disabled by default but can be enabled by passing the '-policy' argument to the command line utilities or by calling the X509_VERIFY_PARAM_set1_policies() function.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk:- Only build and run applications from trusted sources.
See Also
https://www.openssl.org/news/secadv/20230207.txt
https://cert-portal.siemens.com/productcert/html/ssa-398330.html
https://cert-portal.siemens.com/productcert/html/ssa-794697.html
https://cert-portal.siemens.com/productcert/html/ssa-625862.html
https://cert-portal.siemens.com/productcert/html/ssa-879734.html
https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-10
https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-11
Plugin Details
Severity: High
ID: 502324
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 7/23/2024
Updated: 7/23/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v3
Risk Factor: High
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Information
CPE: cpe:/o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware, cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware, cpe:/o:siemens:simatic_s7-1500_firmware, cpe:/o:siemens:scalance_xm416-4c_firmware, cpe:/o:siemens:scalance_xr524-8c_firmware, cpe:/o:siemens:simatic_cp_1543sp-1_firmware, cpe:/o:siemens:scalance_xm408-4c_firmware, cpe:/o:siemens:simatic_s7-1500_tm_mfp, cpe:/o:siemens:simatic_cp_1542sp-1_firmware, cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware, cpe:/o:siemens:scalance_xr526-8c_firmware, cpe:/o:siemens:scalance_xm408-8c_firmware, cpe:/o:siemens:scalance_xr552-12m_firmware, cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware, cpe:/o:siemens:scalance_xr528-6m_firmware
Required KB Items: Tenable.ot/Siemens
Patch Publication Date: 1/10/2023
Vulnerability Publication Date: 1/10/2023
Reference Information
CVE: CVE-2023-0464
CWE: 326