Siemens License Manager Vulnerabilities Allow ICS Hacking

The Siemens Automation License Manager is affected by two serious vulnerabilities that could be chained to hack industrial control systems (ICS), according to industrial cybersecurity firm Otorio. 

On January 10, Siemens released its first round of Patch Tuesday updates for 2023, addressing a total of 20 vulnerabilities affecting the company’s products. 

One of the six advisories published at the time describes two high-severity security holes discovered by a researcher from Otorio in the Siemens Automation License Manager (ALM), which is designed for centrally managing license keys for Siemens software.

One of the flaws, tracked as CVE-2022-43513, can allow a remote, unauthenticated attacker to rename and move license files as a System user. 

The second issue, CVE-2022-43514, allows a remote, unauthenticated attacker to execute operations on files outside the specified root folder. Chaining the two vulnerabilities can lead to remote code execution, Siemens said.

In a blog post published on Tuesday, Otorio explained that most of Siemens’ software products use the ALM by default for license management. This means the vulnerabilities impact organizations that use one of many Siemens products, including the Simatic PCS 7 historian, the Sicam Device Manager, WinCC, TIA Portal, and the DIGSI engineering tool.

According to Otorio, an attacker who has gained access to the targeted organization’s operational technology (OT) network, even with limited permissions, could exploit the vulnerabilities to fully compromise the OT network.

“For example, the PCS 7 Historian, which is used as a repository for industrial process dat ..

Support the originator by clicking the read the rest link below.