Siemens Industry Online Support
Siemens AG
Entry type: Download, Entry ID: 109747626, Entry date: 12/22/2017

BIOS updates and updates of the Intel ME BIOS Extension for SIMATIC IPCs and Field PGs as reaction to security advisories

List of the updates for SIMATIC IPCs, SIMATIC Field PGs, PCS 7 Systems, SINUMERIK and SIMOTION. Troubleshooting for security advisories.


Overview

Intel Security Advisory SA-00088

The "Intel Product Security Advisory" of 03.01.2018 (Intel ID INTEL-SA-00088) draws attention to a vulnerability in kernel memory access on Intel processors that allows unprivileged users to read any data in the main memory.

These processors are also used with SIMATIC IPCs and SIMATIC Field PGs.

Detailed technical information is available on the Siemens ProductCERT website: ProductCERT Security Advisory SSA-168644

Affected products

Devices are potentially affected if their product designation and BIOS and Management Engine (ME) versions are listed in the above-mentioned document on the Siemens ProductCERT website.

Information about the article numbers and links for the current BIOS and ME versions is available at the end of the entry.


Intel Security Advisory SA-00086

The "Intel Product Security Advisory" of 20.11.2017 (Intel ID INTEL-SA-00086) refers to the vulnerability of the Intel Management Engine (ME) in systems with specific Intel processors.

The Intel Management Engine is also present in SIMATIC IPCs and SIMATIC Field PGs with Skylake processors.

Detailed technical information is available on the Siemens ProductCERT website: ProductCERT Security Advisory SSA-892715

Affected products

Devices are potentially affected if their product designation and BIOS and Management Engine (ME) versions are listed in the above-mentioned document on the Siemens ProductCERT website.

Information about the article numbers and links for the current BIOS and ME versions is available at the end of the entry.


Intel Security Advisory SA-00075

The "Intel Product Security Advisory" of 01.05.2017 (Intel ID INTEL-SA-00075) refers to the vulnerability of systems with specific Intel processors on which the "Active Management Technology" (AMT) function is enabled.

Intel AMT is also available with SIMATIC IPCs and SIMATIC Field PGs with corresponding processors, but has to be enabled specifically. Normally, Intel AMT is disabled when the relevant SIMATIC products are delivered.

Detailed technical information is available on the Siemens ProductCERT website: ProductCERT Security Advisory SSA-874235

Affected products

Devices are potentially affected if their product designation and BIOS and Management Engine (ME) versions are listed in the above-mentioned document on the Siemens ProductCERT website.

An update is required only if Intel Active Management Technology is enabled on the devices being used and the article number of the device is listed in the table with the associated BIOS or ME version.

Information about the article numbers and links for the current BIOS and ME versions is available at the end of the entry.


Infineon TPM Firmware

Some SIMATIC IPCs and Field PGs use a firmware version of Infineon's Trusted Platform Module (TPM) that handles RSA key generation incorrectly. This might make it easier for attackers to perform cryptographic attacks against the encryption mechanisms.

Affected products

Devices are potentially affected if their product designation and BIOS and Management Engine (ME) versions are listed in the above-mentioned document on the Siemens ProductCERT website.

Information about the article numbers and links for the current BIOS and ME versions is available at the end of the entry.


Important information about remedies

It is always recommended to use the latest BIOS and ME versions for each system. The latest version includes all the corrections and changes of the previous versions and takes into account (where relevant) the security advisories listed here.

Please check whether your system is listed in the corresponding ProductCERT Security Advisory referenced in this entry and whether the specified BIOS or ME version is already available for download.

In some cases the updates are created step by step and are still being worked on. In this case please check regularly for the availability of updates.


Update of a system

SIMATIC IPC / SIMATIC Field PG / SIMATIC PCS 7 Systems

For the affected systems, updates of the BIOS and/or the Intel Management Engine BIOS Extension are made available step by step. If a BIOS update is necessary, the corresponding link to the latest BIOS version is provided.

If you have questions or problems regarding an update, please get in touch with the Technical Support.

SINUMERIK PCU

If you have questions or problems regarding an update, please get in touch with the Technical Support for SINUMERIK.

SIMOTION systems

For technical questions regarding SIMOTION and quality information please get in touch with your Siemens contact.

Determining the device type and article number

The rating plate gives the device type and article number of your SIMATIC product. For example, the figure below shows you the rating plate of a SIMATIC IPC427E with article number 6AG4141-XXXXX-XXXX.



Rating plate with article number

Determining the BIOS version number

The BIOS version number can be found:

  • In the BIOS setup under the menu item "Main", which is opened by pressing the ESC key when starting the device.
  • In the software "SIMATIC IPC DiagBase" in the BIOS information.
  • In the software "SIMATIC IPC DiagMonitor" in the BIOS information.
  • In the Windows system information, which can be obtained via "Start -> Run -> msinfo32 -> System Overview".

Determining the ME version number

The ME version number can be found:

  • In the BIOS selection menu via the "MEBx" button (Intel Management Engine BIOS Extension), which is reached by pressing the ESC key when starting the device. The version number is in the menu header.
  • In the advanced Windows system information, which can be obtained via "Start -> Intel -> Intel Management Engine Components -> Intel Management and Security Status -> Advanced -> Button 'Advanced system details...' -> Intel ME Information -> Components Information".


SIMATIC IPCs

Table 01: Affected SIMATIC IPCs 

| Type | Article no. | Link to update |
|---|---|---|
| IPC427D | 6AG4140-6*, 6AG4140-7*, 6AG4140-8* | 108608500 |
| IPC427E | 6AG4141-5*, 6AG4141-7* | 109742593 |
| IPC477D | 6AV7240-6*, 6AV7240-7*, 6AV7240-8*, 6AV7244-5EA02-0HB0, 6AV7244-5DA30-0YA0, 6AV7244-5DA30-0YB0 | 108608500 |
| IPC477D PRO | 6AV7250-6*, 6AV7250-7*, 6AV7250-8* | 108608500 |
| IPC477E | 6AV7241-5*, 6AV7241-7* | 109742593 |
| IPC547D | 6AG4104-2C*, 6AG4104-2D* | 67329515 |
| IPC547E | 6AG4104-3H*, 6AG4104-3K* | 109481624 |
| IPC547G | 6AG4104-4* | 109750349 |
| IPC627C | 6ES7647-6CG*, 6ES7647-6CH*, 6ES7647-6CJ* | 48792087 |
| IPC627D | 6AG4131-2G*, 6AG4131-2H*, 6AG4131-2J* | 109474954 |
| IPC647C | 6AG4112-1K* .. 6AG4112-1N*, 6AG4112-1P*, 6AG4112-1R* | 48792076 |
| IPC647D | 6AG4112-2G*, 6AG4112-2H*, 6AG4112-2J* .. 6AG4112-2M* | 109037779 |
| IPC677C | 6AV789?-??G*, 6AV789?-??H*, 6AV789?-??J* | 48792087 |
| IPC677D | 6AV7260-?G*, 6AV7260-?H*, 6AV7260-?J* | 109474954 |
| IPC827C | 6ES7647-6PG*, 6ES7647-6PH*, 6ES7647-6PJ* | 48792087 |
| IPC827D | 6AG4132-2G*, 6AG4132-2H*, 6AG4132-2J* | 109474954 |
| IPC847C | 6AG4114-1K* .. 6AG4114-1N*, 6AG4114-1P*, 6AG4114-1R* | 48792076 |
| IPC847D | 6AG4114-2G*, 6AG4114-2H*, 6AG4114-2J* .. 6AG4114-2N*, 6AG4114-2P*, 6AG4114-2Q* | 109037779 |
| ITP1000 | 6AV7880-* | 109748173 |

Legend

? = exactly 1 character
* = multiple characters
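
The following is an added example, not part of the original Siemens entry: it checks article numbers from an asset inventory against a few rows of Table 01 using the legend's wildcards. It assumes that "*" may also match zero characters and that "A .. B" covers every character between the two endpoints; the function names and the sample article numbers are constructed for illustration.

```python
from fnmatch import fnmatchcase

# Subset of Table 01: (type, article-number patterns, update entry ID).
ROWS = [
    ("IPC427E", ["6AG4141-5*", "6AG4141-7*"], "109742593"),
    ("IPC647C", ["6AG4112-1K* .. 6AG4112-1N*", "6AG4112-1P*", "6AG4112-1R*"],
     "48792076"),
    ("IPC677C", ["6AV789?-??G*", "6AV789?-??H*", "6AV789?-??J*"], "48792087"),
    ("IPC677D", ["6AV7260-?G*", "6AV7260-?H*", "6AV7260-?J*"], "109474954"),
]


def expand(pattern):
    """Expand 'A .. B' into one pattern per character between the endpoints.

    Assumption: the two endpoints differ in exactly one position and the
    range is inclusive (e.g. 1K, 1L, 1M, 1N). Plain patterns pass through.
    """
    if ".." not in pattern:
        return [pattern.strip()]
    lo, hi = (p.strip() for p in pattern.split(".."))
    diff = [i for i, (a, b) in enumerate(zip(lo, hi)) if a != b]
    if len(lo) != len(hi) or len(diff) != 1:
        raise ValueError(f"unsupported range: {pattern!r}")
    i = diff[0]
    return [lo[:i] + chr(c) + lo[i + 1:]
            for c in range(ord(lo[i]), ord(hi[i]) + 1)]


def lookup(article_no):
    """Return [(type, entry_id)] for every table row the article number matches.

    '?' matches exactly one character and '*' any run of characters, which
    is what fnmatchcase implements for these pattern strings.
    """
    art = article_no.strip().upper()
    return [(typ, entry) for typ, pats, entry in ROWS
            if any(fnmatchcase(art, p) for raw in pats for p in expand(raw))]


if __name__ == "__main__":
    # Constructed inventory entries, not real device records.
    for art in ["6AG4112-1M123-4AB5", "6AV7894-0AG10-1AB0", "6AG4112-1Q000-0AA0"]:
        print(art, "->", lookup(art) or "not listed in this subset")
```

A match only identifies the update entry to consult; whether an update is required still depends on the BIOS and ME versions listed in the corresponding ProductCERT advisory.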


SIMATIC Field PGs

Table 02: Affected SIMATIC Field PGs 

| Type | Article no. | Link to the update |
|---|---|---|
| Field PG M3 | 6ES7715-1BB*, 6ES7715-1CC* | 48791866 |
| Field PG M4 | 6ES7716-1*, 6ES7716-2* | 109037537 |
| Field PG M5 | 6ES7717-* | 109738122 |

Legend

? = exactly 1 character
* = multiple characters


PCS 7 Systems

Table 03: Affected PCS 7 systems 

| Type | Article no. | Link to update |
|---|---|---|
| IPC427D | 6ES7650-0UG??-0YX?, 6ES7654-0UE23-0XX? | 108608500 |
| IPC427E / IPC477E | 6ES7650-0RJ02-0YX0, 6ES7650-0VG58-* | 109742593 |
| IPC477D | 6ES7650-0UG??-1YX? | 108608500 |
| IPC547D | 6ES7660-3*, 6ES7650-0TH17-0YX0 | 67329515 |
| IPC547E | 6ES7660-4* | 109481624 |
| IPC547G | 6ES7660-7* | 109750349 |
| IPC627C / IPC677C | 6ES7650-4A*, 6EQ2020-0AC03-5XX0 | 48792087 |
| IPC627D / IPC677D | 6ES7650-4B* | 109474954 |
| IPC647C | 6ES7660-1* | 48792076 |
| IPC647D | 6ES7660-5* | 109037779 |
| IPC847C | 6ES7660-2* | 48792076 |
| IPC847D | 6ES7660-6* | 109037779 |

Legend

? = exactly 1 character
* = multiple characters


SINUMERIK

Table 04: Affected SINUMERIK PCUs 

| Type | Article no. | Link to the update |
|---|---|---|
| PCU50.5-P, WINXP | 6FC5210-0DF53-2AA0 | 48792087 |
| PCU50.5-P, WIN7 | 6FC5210-0DF53-3AA0 | 48792087 |


SIMOTION

Table 05: Affected SIMOTION systems 

| SIMOTION | Article no. | Link to the update |
|---|---|---|
| P320-4 S | 6AU1320-4DS66-3AG0 | 109756438 |


Note
Information about SHA-256 is available in Entry ID 109483101.

Additional Keywords
CVE-2017-5689; CVE-2017-5705; CVE-2017-5706; CVE-2017-5707; CVE-2017-5708; CVE-2017-5709; CVE-2017-5710; CVE-2017-5711; CVE-2017-5712; CVE-2017-5715; CVE-2017-5753; CVE-2017-5754; Meltdown; Spectre

Security information
In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about industrial security, please visit
http://www.siemens.com/industrialsecurity.