Siemens APOGEE/TALON Field Panels

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to hijack existing sessions or spoof future sessions.

CVEs (2)

Remediations

• Siemens products that contain a vulnerable TLS server and have certificate-based client authentication enabled: do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names
• Siemens products that contain a vulnerable TLS client: in cases where this option is configurable: ensure that TLS server certificate verification is turned on and do not configure trust for CA certificates, that contain a nameConstraint-extension (https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names
• As a mitigation for vulnerable versions: In the truststore, do not add CA certificates that contain a nameConstraint-extension ( https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10) with punycode-encoded internationalized domain names
• Ensure that only trusted (CA) certificates are contained in the Machine Agent's truststore
• Currently no fix is available
• Update to V2.20 or later version
• Update to V2023.1 or later version
• As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Affected Vendors

Affected Products (5)

Affected Sectors

Critical Manufacturing