Siemens identified a high-severity vulnerability in the Siemens Sinamics Perfect Harmony GH180 Fieldbus Network. An attacker with a low skill level could exploit the vulnerability remotely, without privileges or user interaction.
The following medium-voltage converters are affected by the vulnerability:
- Siemens Sinamics Perfect Harmony GH180 with NXG I control
- Siemens Sinamics Perfect Harmony GH180 with NXG II control: MLFBs: 6SR2. . . -, 6SR3. . . -, 6SR4. . . -:
All versions using option G21, G22, G23, G26, G28, G31, G32, G38, G43 or G46 are affected by the vulnerability.
The vulnerability involves improper input validation. An attacker can exploit it to cause a denial of service by sending specially crafted packets to the device, which makes the device reboot and compromises system availability. Exploiting the vulnerability requires network access to the device.
The vulnerability is tracked as CVE-2019-6574 and has a CVSSv3 base score of 7.5 out of 10.
To fix the vulnerability, users need to upgrade the device to NXGpro control. If upgrading is not possible, apply the following suggested workarounds:
- Disable the fieldbus parameter read/write function
- Apply the cell protection concept and implement defense in depth
Siemens Sinamics Perfect Harmony GH180 Drives NXG I and NXG II Vulnerability
Siemens also identified a high-severity vulnerability in Sinamics Perfect Harmony GH180 Drives (NXG I and NXG II). The vulnerability can be exploited remotely by an attacker with a low level of skill, and requires no privileges or user interaction.
If exploited, a person who has access to the Ethernet Modbus Interface can cause a denial-of-service condition by exceeding the number of available connections, which affects system availability.
The vulnerability was found in all:
- GH180 versions with NXG I control
- GH180 versions with NXG II control (MLFBs: 6SR2. . . -, 6SR3. . . -, 6SR4. . . -)
The vulnerability is tracked as CVE-2019-6578 and has a CVSSv3 base score of 7.5 out of 10.
To fix the vulnerability, users need to upgrade their device to NXGpro control. If upgrading is not possible, apply the following recommended workarounds:
- Install a protocol bridge to isolate the networks and remove direct links to the Ethernet Modbus Interface.
- Apply the cell protection concept and implement defense in depth.
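A monitoring check for the connection-exhaustion condition described for CVE-2019-6578, given as an added example that is not from Siemens or the original page. It assumes Modbus/TCP on its standard port 502, a constructed connection-event log format, and hypothetical thresholds that must be replaced with the real limits of the interface.

```python
from collections import defaultdict

MODBUS_PORT = 502    # standard Modbus/TCP port (assumed to be the drive's setting)
MAX_TOTAL = 4        # hypothetical connection limit; take the real one from the device documentation
MAX_PER_SOURCE = 2   # hypothetical allowance per client

# Constructed sample events: "time event source destination:port"
SAMPLE_EVENTS = """\
10:00:01 open 10.0.5.10 10.0.9.20:502
10:00:02 open 10.0.5.11 10.0.9.20:502
10:00:03 close 10.0.5.10 10.0.9.20:502
10:00:04 open 10.0.7.99 10.0.9.20:502
10:00:04 open 10.0.7.99 10.0.9.20:502
10:00:05 open 10.0.7.99 10.0.9.20:502
10:00:06 open 10.0.5.10 10.0.9.20:80
truncated line
"""


def find_exhaustion(events, max_total=MAX_TOTAL, max_per_source=MAX_PER_SOURCE):
    """Replay open/close events; return (time, destination, reason) alerts."""
    open_conns = defaultdict(lambda: defaultdict(int))  # destination -> source -> open count
    alerts = []
    for line in events.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # ignore malformed records
        ts, event, src, dst = parts
        host, _, port = dst.rpartition(":")
        if port != str(MODBUS_PORT):
            continue  # only the Modbus/TCP listener is of interest
        per_src = open_conns[host]
        if event == "open":
            per_src[src] += 1
            if per_src[src] > max_per_source:
                alerts.append((ts, host, f"source {src} holds {per_src[src]} connections"))
            total = sum(per_src.values())
            if total >= max_total:
                alerts.append((ts, host, f"{total} concurrent connections, limit {max_total}"))
        elif event == "close" and per_src[src] > 0:
            per_src[src] -= 1
    return alerts


if __name__ == "__main__":
    for alert in find_exhaustion(SAMPLE_EVENTS):
        print(*alert)
```

On networks where a protocol bridge is installed as recommended above, the same check applied at the bridge shows which upstream clients are consuming its connection budget.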