ICS-CERT is currently evaluating the malware to determine the potential effects that it could have on control system environments. The actual impact to control environments is not yet known.
Exact software versions and configurations that may be affected are still being analyzed jointly by ICS-CERT and Siemens CERT. The malware also appears to interact with SIMATIC® WinCC or SIMATIC® Siemens STEP 7 software. There are also unconfirmed reports that Windows 2000 and Windows XP SP2 are susceptible to this zero-day vulnerability.
The full capabilities of the malware and intent or results of the queries are not yet known. ICS-CERT has confirmed the malware installs a trojan that interacts with installed SIMATIC® WinCC or SIMATIC® Siemens STEP 7 software and then makes queries to any discovered SIMATIC® databases. Microsoft has also released a Security Advisory (2286198) detailing the previously unknown vulnerability. US-CERT has released a Vulnerability Note detailing the vulnerability and suggested workarounds. The malware utilizes this zero-day vulnerability and exploits systems after users open a USB drive with a file manager capable of displaying icons (like Windows Explorer). The discovery of malware that uses a zero-day vulnerability in Microsoft Windows processing of shortcut files. VirusBlokAda, an antivirus vendor based in Belarus, announced a
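For triage of removable media on an analysis host, the following is an added example, not part of the advisory and not ICS-CERT, Microsoft or Siemens tooling: it inventories files on a mounted volume that are Windows shortcut files by content, whatever their extension, so they can be reviewed before the drive is browsed. The header constants come from Microsoft's published Shell Link format, the function names are illustrative, and the sample volume is constructed; the script does not detect the exploit itself.

```python
import os
import struct
import tempfile

# Header constants from Microsoft's published Shell Link format ([MS-SHLLINK]),
# not from the advisory: HeaderSize 0x4C, then the LinkCLSID, then LinkFlags.
LNK_MAGIC = struct.pack("<I", 0x4C) + bytes.fromhex("0114020000000000c000000000000046")
HAS_ID_LIST = 0x01        # LinkFlags bit: target given as a shell item ID list
HAS_ICON_LOCATION = 0x40  # LinkFlags bit: explicit icon location string present


def inspect_shortcut(path):
    """Return header facts if the file content is a Shell Link, else None."""
    with open(path, "rb") as fh:
        header = fh.read(0x4C)
    if len(header) < 0x4C or header[:20] != LNK_MAGIC:
        return None
    (flags,) = struct.unpack_from("<I", header, 20)
    return {"path": path,
            "lnk_extension": path.lower().endswith(".lnk"),
            "has_id_list": bool(flags & HAS_ID_LIST),
            "has_icon_location": bool(flags & HAS_ICON_LOCATION)}


def inventory_shortcuts(root):
    """Walk a mounted volume and list every file that is a shortcut by content."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            try:
                info = inspect_shortcut(os.path.join(dirpath, name))
            except OSError:
                continue  # unreadable file: skip it rather than abort the sweep
            if info:
                found.append(info)
    return found


def build_sample_volume():
    """Constructed sample data: a temp directory standing in for a USB drive."""
    root = tempfile.mkdtemp(prefix="usb_sample_")
    header = LNK_MAGIC + struct.pack("<I", HAS_ID_LIST) + bytes(0x4C - 24)
    for name, data in (("report.lnk", header), ("disguised.dat", header),
                       ("notes.txt", b"plain text, not a shortcut")):
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    return root
```

Calling `inventory_shortcuts(build_sample_volume())` reports both constructed shortcut files, including the one without a `.lnk` extension, and skips the text file.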