{"id":22083,"date":"2021-11-11T10:43:06","date_gmt":"2021-11-11T09:43:06","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=22083"},"modified":"2024-07-26T17:14:13","modified_gmt":"2024-07-26T15:14:13","slug":"kritische-schwachstellen-in-siemens-nucleos-rtos","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2021\/11\/11\/kritische-schwachstellen-in-siemens-nucleos-rtos\/","title":{"rendered":"Critical vulnerabilities in Siemens Nucleos RTOS"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2021\/11\/11\/kritische-schwachstellen-in-siemens-nucleos-rtos\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Security researchers from Forescout have discovered 13 critical vulnerabilities in the Nucleos RTOS (Real Time OS) operating system, which is used by Siemens in industrial control systems and in medical devices. Some of the vulnerabilities have a CVSS score of 9.8, and <a href=\"https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsa-21-103-04\" target=\"_blank\" rel=\"noopener\">US CISA is warning<\/a> about the vulnerabilities. However, security updates to close these vulnerabilities are already available.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg08.met.vgwort.de\/na\/72487cd1b19946abb2d55a914c5927b8\" alt=\"\" width=\"1\" height=\"1\" \/>I first became aware of the issue yesterday on <a href=\"https:\/\/twitter.com\/campuscodi\/status\/1458103704834514947\" target=\"_blank\" rel=\"noopener\">Twitter<\/a> from Catalin Cimpanu via the following tweets:<\/p>\n<p><a href=\"https:\/\/twitter.com\/campuscodi\/status\/1458103704834514947\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"Siemens Nucleos RTOS Vulnerabilities\" src=\"https:\/\/i.imgur.com\/PAvxbiq.png\" alt=\"Siemens Nucleos RTOS Vulnerabilities\" \/><\/a><\/p>\n<p><img decoding=\"async\" title=\"Siemens Nucleos RTOS Vulnerabilities\" src=\"https:\/\/i.imgur.com\/LVO3gYb.png\" alt=\"Siemens Nucleos RTOS Vulnerabilities\" \/><\/p>\n<p>Affected versions according to <a href=\"https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsa-21-103-04\" target=\"_blank\" rel=\"noopener\">CISA<\/a>:<\/p>\n<ul>\n<li>Nucleus NET: All versions prior to v5.2<\/li>\n<li>Nucleus RTOS: Versions with affected DNS modules<\/li>\n<li>Nucleus source code: Versions including affected DNS modules<\/li>\n<li>VSTAR: Versions including affected DNS modules<\/li>\n<\/ul>\n<p>Forescout published the details in a blog post <a href=\"https:\/\/www.forescout.com\/blog\/new-critical-vulnerabilities-found-on-nucleus-tcp-ip-stack\/\" target=\"_blank\" rel=\"noopener\">New Critical Vulnerabilities Found on Nucleus TCP\/IP Stack<\/a> on November 9, 2021. One vulnerability likely affects the operating system's FTP function. The following figure summarizes the CVEs from the Forescout blog post.<\/p>\n<p><img decoding=\"async\" title=\"Siemens Nucleos RTOS Vulnerabilities\" src=\"https:\/\/i.imgur.com\/PgyFMnn.png\" alt=\"Siemens Nucleos RTOS Vulnerabilities\" \/><\/p>\n<p>The following video from Forescout discusses the dissection of the Nucleus TCP\/IP stack:<\/p>\n<p>(Source: <a href=\"https:\/\/youtu.be\/xwbL0yGKV80\">YouTube<\/a>)<\/p>\n<p>Siemens has published security advisory <a href=\"https:\/\/cert-portal.siemens.com\/productcert\/pdf\/ssa-044112.pdf\" target=\"_blank\" rel=\"noopener\">SSA-185699<\/a> (PDF) where they provide remediation for the following products:<\/p>\n<ul>\n<li>Nucleus NET: Follow the general security measures or upgrade to the latest versions of Nucleus ReadyStart or Nucleus 4. Note that the latest version of Nucleus NET (v5.2) is not affected by the vulnerabilities, but has already reached the end of software support.<\/li>\n<li>Nucleus RTOS:\u00a0 Contact customer support for information on patches and updates.<\/li>\n<li>Nucleus Source Code: Contact customer support for information on patches and updates.<\/li>\n<li>VSTAR: Contact customer support for information on patches and updates.<\/li>\n<\/ul>\n<p>Siemens has identified the following specific workarounds and remedies that users can apply to reduce the risk:<\/p>\n<ul>\n<li>Avoid using DNS clients of the affected versions.<\/li>\n<li>Contact Siemens Customer Support or a Nucleus sales team for additional mitigation tips.<\/li>\n<\/ul>\n<p>As a general security measure, Siemens strongly recommends protecting network access to the devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to the SiemensOperational Guidelines for Industrial Security and following the recommendations in the product manuals.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Security researchers from Forescout have discovered 13 critical vulnerabilities in the Nucleos RTOS (Real Time OS) operating system, which is used by Siemens in industrial control systems and in medical devices. Some of the vulnerabilities have a CVSS score of &hellip; <a href=\"https:\/\/borncity.com\/win\/2021\/11\/11\/kritische-schwachstellen-in-siemens-nucleos-rtos\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580],"tags":[69],"class_list":["post-22083","post","type-post","status-publish","format-standard","hentry","category-security","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/22083","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=22083"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/22083\/revisions"}],"predecessor-version":[{"id":34569,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/22083\/revisions\/34569"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=22083"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=22083"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=22083"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}