Share: Email | Twitter

ID

VDE-2022-024

Published

2022-06-15 10:00 (CEST)

Last update

2022-07-05 16:11 (CEST)

Vendor(s)

AUMA Riester GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
- SIMA² Master Station < V 2.6

Summary

Improper buffer restrictions in the webserver used in SIMA² Master Station software versions < V 2.6 may allow an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service.

CVE ID

CVE-2021-22275 

Last Update:

May 31, 2022, noon

Severity

8.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) 

Weakness

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')  (CWE-120) 

Summary

Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service.

Details

nvd.nist.gov 

Impact

The webserver component of the automation runtime used implements insufficient checks on handling file uploads. This implementation could result in a memory violation, which in turn affects the stability of automation runtime.
An attacker could leverage this vulnerability to potentially cause a denial of service of the device.

Solution

Mitigation

AUMA recommends the following specific workarounds and mitigations:

  • The access to the SIMA² should be restricted to legitimate network partners, using e.g. a sufficient firewall setup and robust network segmentation.

In general, AUMA recommends implementing the Product Security Guideline for uses on Cybersecurity for the SIMA² Master Station.

Remediation

The described vulnerabilities have been fixed in the product versions with software version V 2.6 or
higher. SIMA² Master Stations with software versions < V 2.6 can be upgraded. AUMA recommends applying a product update at the earliest convenience

Reported by

AUMA Riester GmbH & Co. KG thanks CERT@VDE for the support with this publication.