Full Report
OpenSSL has published a security advisory [0] about a vulnerability (CVE-2021-3449) in OpenSSL 1.1.1 versions prior to 1.1.1k. Siemens has released new versions for several affected products and recommends updating to the latest versions. For products where fixes are not, or not yet, available, Siemens recommends countermeasures. [0] https://www.openssl.org/news/secadv/20210325.txt
Analysis Summary
# Vulnerability: OpenSSL TLS Renegotiation ClientHello NULL Pointer Dereference
## CVE Details
- **CVE ID:** CVE-2021-3449
- **CVSS Score:** 5.9 (Medium)
- **CWE:** CWE-476 (NULL Pointer Dereference)
## Affected Systems
- **Products:** A wide range of Siemens industrial products including:
- **Networking:** SCALANCE (M-800, S600/SC-600 series, W-700/W-1700, X series, XB-200, XC-200, XP-200, XF-200BA, XR-300WG).
- **RUGGEDCOM:** CROSSBOW, RM1224.
- **SIMATIC:** CP 1242/1243, CP 1542/1543/1545, Cloud Connect 7, RF600 Readers, MV500, S7-1200/S7-1500 CPUs, WinCC, Process Historian, PDM, Logon.
- **Industrial Software:** SINEMA Server, SINEC NMS, TIA Administrator.
- **Versions:** OpenSSL versions 1.1.1 through 1.1.1j.
- **Configurations:** Systems acting as a TLS server with the OpenSSL library, where TLSv1.2 and TLS renegotiation are both enabled (OpenSSL's default configuration). OpenSSL TLS clients are not affected.
## Vulnerability Description
A NULL pointer dereference flaw exists in OpenSSL's server-side handling of a TLS renegotiation handshake. If a TLSv1.2 renegotiation ClientHello omits the `signature_algorithms` extension (which was present in the initial ClientHello) but includes a `signature_algorithms_cert` extension, the server dereferences a NULL pointer and crashes. This results in a Denial of Service (DoS) of the affected service or device. OpenSSL TLS clients are not impacted, and the OpenSSL 1.0.2 branch does not contain the flaw.
## Exploitation
- **Status:** PoC available; widely documented since 2021.
- **Complexity:** Low.
- **Attack Vector:** Network (Remote).
## Impact
- **Confidentiality:** None.
- **Integrity:** None.
- **Availability:** High (The service or device becomes unavailable until restarted).
## Remediation
### Patches
Siemens has released multiple updates across its product lines. Key updates include:
- **SCALANCE SC-600:** Update to V2.2 or later.
- **SIMATIC S7-1200/S7-1500:** Various firmware updates (e.g., V4.5.0 for S7-1200).
- **SIMATIC WinCC Runtime Advanced:** Update to V17 or later.
- **RUGGEDCOM CROSSBOW:** Update to V5.2.
*Note: For several legacy products (e.g., SCALANCE S602, S612), no fix is planned.*
### Workarounds
- **General Mitigation:** Strictly limit network access to affected devices via firewalls or VLAN segmentation.
- **Industrial Security Guidelines:** Align environments with Siemens' operational guidelines for Industrial Security.
- **Disable TLS Renegotiation:** A server is only vulnerable when TLSv1.2 and renegotiation are both enabled, which is OpenSSL's default. Where the application allows it, disabling renegotiation (OpenSSL option `SSL_OP_NO_RENEGOTIATION`) or restricting the server to TLSv1.3, which has no renegotiation, removes the attack vector.
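The following is an added example (not code from the Siemens or OpenSSL advisories) showing the workaround above in Python's `ssl` module, which wraps OpenSSL: a stock server context with renegotiation left enabled beside a hardened one that sets `SSL_OP_NO_RENEGOTIATION` (exposed as `ssl.OP_NO_RENEGOTIATION`), plus a helper that classifies an `ssl.OPENSSL_VERSION_INFO` tuple as inside or outside the affected 1.1.1 through 1.1.1j range. The version-tuple encoding (patch letter as an integer, `k` = 11) is how CPython reports the OpenSSL version number; everything else is assumption-free standard library.

```python
import ssl

# ssl.OPENSSL_VERSION_INFO is (major, minor, fix, patch, status). On the 1.1.1
# branch the patch field encodes the letter suffix: 1.1.1 -> 0, 1.1.1a -> 1,
# ..., 1.1.1j -> 10, 1.1.1k -> 11. 1.1.1k is the first fixed release.
FIRST_FIXED_PATCH = 11


def openssl_affected(version_info):
    """True if an OpenSSL build with this version tuple is in the affected
    range (1.1.1 through 1.1.1j). 1.0.2 and the 3.x line are not affected."""
    major, minor, fix, patch = version_info[:4]
    return (major, minor, fix) == (1, 1, 1) and patch < FIRST_FIXED_PATCH


def default_server_context():
    """Weak setting: a stock server context. OpenSSL leaves TLSv1.2
    renegotiation enabled by default, which is the precondition for the crash."""
    return ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)


def hardened_server_context(tls13_only=False):
    """Corrected setting: refuse renegotiation outright via OpenSSL's
    SSL_OP_NO_RENEGOTIATION (ssl.OP_NO_RENEGOTIATION). Optionally require
    TLSv1.3, which has no renegotiation mechanism at all."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.options |= ssl.OP_NO_RENEGOTIATION
    ctx.minimum_version = (ssl.TLSVersion.TLSv1_3 if tls13_only
                           else ssl.TLSVersion.TLSv1_2)
    return ctx


def renegotiation_disabled(ctx):
    """Audit check: inspect the context's option bits rather than trusting
    the code that built it."""
    return bool(ctx.options & ssl.OP_NO_RENEGOTIATION)


if __name__ == "__main__":
    state = "affected" if openssl_affected(ssl.OPENSSL_VERSION_INFO) else "not affected"
    print("linked OpenSSL:", ssl.OPENSSL_VERSION, "->", state)
    print("default context, renegotiation disabled:",
          renegotiation_disabled(default_server_context()))
    print("hardened context, renegotiation disabled:",
          renegotiation_disabled(hardened_server_context()))
```

Applying `OP_NO_RENEGOTIATION` only changes server behaviour for renegotiation attempts; existing TLSv1.2 clients that never renegotiate are unaffected, so it is usually the lower-risk of the two options on embedded equipment that still needs TLSv1.2.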
## Detection
- **Indicators of Compromise:** Unexpected crashes of the TLS-related service, or device reboots and watchdog resets, shortly after a client connection; repeated crashes correlated with the same source address.
- **Detection Methods:** The renegotiation ClientHello is sent inside the already-established, encrypted connection, so a passive network IDS sees only the initial ClientHello in the clear and cannot inspect the renegotiation extensions. Inspection is possible where TLS is terminated or decrypted (a reverse proxy or TLS-terminating load balancer in front of the device, or a sensor supplied with session keys): flag a renegotiation ClientHello that omits `signature_algorithms` but carries `signature_algorithms_cert`. Where that is not available, rely on crash and restart telemetry from the devices themselves.
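To make both the vulnerability description and the detection rule above concrete, here is an added example (not code from the page, Siemens or OpenSSL): a small parser that extracts the extension types from a plaintext TLS ClientHello record and a check that flags the exact crash precondition, `signature_algorithms` (type 13) in the first ClientHello but missing from the renegotiation ClientHello, which instead carries `signature_algorithms_cert` (type 50). The sample messages are constructed with a helper in the block, not captured traffic; the random, session id and cipher suite are filler. It assumes the caller already has the decrypted handshake messages (for example at a TLS-terminating proxy), since on the wire the renegotiation hello is encrypted.

```python
import struct

# TLS constants from the IANA registries; the two extension numbers are the
# ones named in the OpenSSL advisory.
RECORD_HANDSHAKE = 0x16
HS_CLIENT_HELLO = 0x01
EXT_SIGNATURE_ALGORITHMS = 13
EXT_SIGNATURE_ALGORITHMS_CERT = 50
EXT_RENEGOTIATION_INFO = 0xFF01


def build_client_hello(extensions):
    """Assemble a minimal TLS 1.2 ClientHello record from (type, payload) pairs.
    Random, session id and cipher suite are constructed filler; only the
    extension layout matters for this example."""
    ext_body = b"".join(struct.pack(">HH", t, len(p)) + p for t, p in extensions)
    body = (b"\x03\x03" + bytes(32) + b"\x00"   # legacy_version, random, empty session_id
            + b"\x00\x02\xc0\x2f"                # one cipher suite
            + b"\x01\x00"                        # null compression only
            + struct.pack(">H", len(ext_body)) + ext_body)
    handshake = bytes([HS_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return (bytes([RECORD_HANDSHAKE]) + b"\x03\x03"
            + struct.pack(">H", len(handshake)) + handshake)


def client_hello_extension_types(record):
    """Return the extension type numbers of a plaintext ClientHello record, in
    order. Raises ValueError for anything that is not a well-formed ClientHello."""
    try:
        if record[0] != RECORD_HANDSHAKE:
            raise ValueError("not a handshake record")
        rec_len, = struct.unpack(">H", record[3:5])
        hs = record[5:5 + rec_len]
        if len(hs) != rec_len or hs[0] != HS_CLIENT_HELLO:
            raise ValueError("not a ClientHello")
        hs_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + hs_len]
        if len(body) != hs_len:
            raise ValueError("truncated ClientHello")
        pos = 2 + 32                               # legacy_version + random
        pos += 1 + body[pos]                       # session_id
        cs_len, = struct.unpack(">H", body[pos:pos + 2])
        pos += 2 + cs_len                          # cipher_suites
        pos += 1 + body[pos]                       # compression_methods
        if pos == len(body):
            return []                              # no extensions block at all
        ext_len, = struct.unpack(">H", body[pos:pos + 2])
        pos += 2
        end = pos + ext_len
        if end != len(body):
            raise ValueError("extensions length mismatch")
        types = []
        while pos < end:
            ext_type, data_len = struct.unpack(">HH", body[pos:pos + 4])
            pos += 4 + data_len
            if pos > end:
                raise ValueError("extension overruns extensions block")
            types.append(ext_type)
        return types
    except (IndexError, struct.error) as exc:
        raise ValueError("malformed ClientHello") from exc


def is_well_formed_client_hello(record):
    """Boolean wrapper for callers that only need accept/reject."""
    try:
        client_hello_extension_types(record)
        return True
    except ValueError:
        return False


def matches_cve_2021_3449(initial_record, renegotiation_record):
    """The crash precondition: signature_algorithms present in the initial
    ClientHello, absent from the renegotiation ClientHello, which instead
    carries signature_algorithms_cert."""
    first = client_hello_extension_types(initial_record)
    second = client_hello_extension_types(renegotiation_record)
    return (EXT_SIGNATURE_ALGORITHMS in first
            and EXT_SIGNATURE_ALGORITHMS not in second
            and EXT_SIGNATURE_ALGORITHMS_CERT in second)


# Constructed sample messages (not captured traffic).
SIG_ALGS = b"\x00\x02\x04\x01"                       # one scheme: rsa_pkcs1_sha256
INITIAL_HELLO = build_client_hello([
    (EXT_RENEGOTIATION_INFO, b"\x00"),               # empty renegotiated_connection
    (EXT_SIGNATURE_ALGORITHMS, SIG_ALGS),
])
BENIGN_RENEG_HELLO = build_client_hello([
    (EXT_RENEGOTIATION_INFO, b"\x0c" + bytes(12)),   # client_verify_data of the first handshake
    (EXT_SIGNATURE_ALGORITHMS, SIG_ALGS),
])
CRASHING_RENEG_HELLO = build_client_hello([
    (EXT_RENEGOTIATION_INFO, b"\x0c" + bytes(12)),
    (EXT_SIGNATURE_ALGORITHMS_CERT, SIG_ALGS),       # sig_algs omitted, sig_algs_cert present
])

if __name__ == "__main__":
    print("benign renegotiation flagged:",
          matches_cve_2021_3449(INITIAL_HELLO, BENIGN_RENEG_HELLO))
    print("crashing renegotiation flagged:",
          matches_cve_2021_3449(INITIAL_HELLO, CRASHING_RENEG_HELLO))
```

The check is deliberately stateful across the two hellos of one connection: a first ClientHello that never carried `signature_algorithms` does not meet the advisory's precondition, so the rule does not fire on it, and malformed records are rejected with `ValueError` rather than silently parsed as "no extensions".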
## References
- Siemens Advisory: hxxps[:]//cert-portal[.]siemens[.]com/productcert/pdf/ssa-772220[.]pdf
- OpenSSL Advisory: hxxps[:]//www[.]openssl[.]org/news/secadv/20210325[.]txt
- Operational Guidelines: hxxps[:]//www[.]siemens[.]com/cert/operational-guidelines-industrial-security