Siemens Security Advisory by Siemens ProductCERT

SSA-504631: Incorrect Certificate Validation in COMPAS Mobile App

Publication Date: 2015-08-04
Last Update: 2015-08-04
Current Version: V1.0
CVSSv2 Overall Score: 4.5

SUMMARY

The latest update for the Siemens COMPAS Mobile App for Android fixes a vulnerability, which could allow attackers to capture and modify network traffic protected with SSL/TLS under certain conditions.

AFFECTED PRODUCTS

COMPAS Mobile App for Android: All versions < 1.6

DESCRIPTION

COMPAS Mobile App allows users to quickly search for and view existing quotes and orders, generate reports and drawings, or conduct product searches.

The vulnerability resolved with this update is discussed below.

VULNERABILITY CLASSIFICATION

The vulnerability classification has been performed by using the CVSS scoring system in version 2 (CVSSv2) (http://www.first.org/cvss/). The CVSS environmental score is specific to the customer's environment and will impact the overall CVSS score. The environmental score should therefore be individually defined by the customer to accomplish final scoring.

Vulnerability Description (CVE-2015-5717)

Improper SSL certificate validation could allow attackers to capture and modify data in sessions protected with SSL/TLS if the attacker is able to intercept network traffic of the COMPAS Mobile App.

CVSS Base Score: 5.8
CVSS Temporal Score: 4.5
CVSS Overall Score: 4.5 (AV:N/AC:M/Au:N/C:P/I:P/A:N/E:POC/RL:OF/RC:C)

Mitigating factors

Attackers can only take advantage of the above mentioned vulnerability if they are able to control the network traffic of the affected COMPAS Mobile App.

SOLUTION

Siemens has released COMPAS Mobile App for Android version 1.6 [1] which fixes the vulnerability and recommends upgrading as soon as possible.

ACKNOWLEDGEMENT

Siemens thanks Karsten Sohr from Universität Bremen for coordinated disclosure.

ADDITIONAL RESOURCES

[1] The new version of the COMPAS Mobile App for Android can be obtained via Google Play Store: https://play.google.com/store/apps/details?id=com.siemens.compass
[2] For further inquiries on vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: http://www.siemens.com/cert/advisories

HISTORY DATA

V1.0 (2015-08-04): Publication Date

DISCLAIMER

See: http://www.siemens.com/terms_of_use

SSA-504631 © Siemens AG 2015