This updated advisory is a follow-up to the original advisory titled ICSA-21-194-07 Siemens Industrial Products LLDP (Update C) that was published August 11, 2022, on the ICS webpage on cisa.gov/ics.
Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or execute arbitrary code.
Siemens reports these vulnerabilities affect the following products:
- SIMATIC HMI Unified Comfort Panels: All versions prior to v17
- SIMATIC NET CP 1542SP-1 (6GK7542-6UX00-0XE0): All versions
- SIMATIC NET CP 1542SP-1 IRC (incl. SIPLUS variants) (6GK7243-8RX30-0XE0): All versions
- SIMATIC NET CP 1543-1 (incl. SIPLUS variants): All versions
- SIMATIC NET CP 1543SP-1 (incl. SIPLUS variants): All versions
- SIMATIC NET CP 1545-1 (6GK7545-1GX00-0XE0): All versions prior to v1.1
Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:
- Disable LLDP protocol support on the Ethernet port. This will potentially disrupt network visibility.
As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens Operational Guidelines for Industrial Security and following the recommendations in the product manuals.
Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage.
Please see Siemens Security Advisory SSA-941426 for more information.