Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters to fix a critical vulnerability that can be exploited by remote attackers to bypass authentication and perform administrative actions on the device.
The KT PAC1200 multichannel measuring devices belong to the Siemens SENTRON energy management family that have been designed to monitor energy consumption using sensors to collect data. Data gathered by Siemens smart meters can be viewed via a desktop web browser or mobile applications for Android and iOS.
The flaw tracked as CVE-2017-9944 was discovered by the researcher Maxim Rupp, it affects the web server integrated into the Siemens smart meters. The vulnerability allows a remote attacker to bypass authentication using an alternate path or channel, exploiting the issue it is possible to access the web interface and perform administrative operations.
The web interface of Siemens smart meters provides useful information to the users, including power consumption statistics for a specified period and budget monitoring.
The vulnerability affects 7KT PAC1200 data manager running a version of the firmware prior to 2.03.
“Successful exploitation of this vulnerability could allow an attacker to bypass authentication mechanisms and perform administrative functions.” states the security advisory published by the US ICS-CERT.
“Siemens provides firmware Version V2.03 for 7KT PAC1200 data manager (7KT1260) from the SENTRON portfolio, which fixes the vulnerability and recommends users update to the new fixed version. The firmware update V2.0.3 for 7KT PAC1200 data manager (7KT1260) from the SENTRON portfolio can be found on the Siemens web site at the following location:
https://support.industry.siemens.com/cs/ww/de/view/109749883/en?dl=en(link is external) ” ” continues the security advisory.
“As a general security measure, Siemens strongly recommends protecting network access to the devices with appropriate mechanisms. Siemens advises configuring the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment.”
(Security Affairs – Kaspersky, NSA)