Specialists from a cyber security consulting company have reported the finding of critical flaws in some Siemens products. According to the report, exploiting these vulnerabilities would allow threat actors to inject arbitrary code, among other malicious scenarios.

Below are brief descriptions of reported flaws, in addition to their respective scores and identification keys according to the Common Vulnerability Scoring System (CVSS).

CVE-2019-15126: After an affected device handles a dissociation event, it is possible to send a limited number of encrypted WiFi frames with a weak and static peer temporary key (PTK), which would allow threat actors to decrypt WiFi frames.

Experts from the cyber security consulting company mention that a threat actor trying to exploit this flaw requires access to the local network to obtain WiFi frames and decrypt them with static PKK. The flaw received a score of 6.2/10, so it is considered an average severity error.

The products affected by this flaw are:

  • SIMATIC RF650M
  • SIMATIC RF350M
  • SIMOTICS CONNECT 400

No attempts at active exploitation have been reported at this time. However, it is important to note that there is no patch available for this vulnerability, so you only need to look for a workaround until Siemens fixes the flaw.

CVE-2020-10055: Incorrect input validation if the advanced reporting engine is enabled on affected products would allow threat actors to execute arbitrary code on the target system.

According to cyber security consulting company specialists, a malicious hacker could send specially crafted requests and execute arbitrary code on the target system. The flaw received a score of 8.5/10.

This vulnerability affects the following products and versions:

  • DC Unlock: Versions 3.xy 4.x
  • CC Compact Unlock: Versions 3.xy 4.x

Although no active exploitation attempts have been detected, CVE-2020-10055 can be exploited remotely by unauthenticated threat actors, so it is vital that system administrators install fixes released by Siemens.

Further reports of these flaws are available on the company’s official platforms.