24 November 2017

Siemens Industrial Solutions Are Vulnerable to Denial-of-Service Attacks

A vulnerability that could allow remote attackers to conduct a Denial-of-Service attack by sending specially crafted packets to port 161/UDP has been identified in Siemens industrial solutions.

According to an advisory released by Siemens, the following products are affected by the vulnerability:

  • SIMATIC S7-200 SMART series controllers;
  • SIMATIC S7-300, S7-400, S7-1200 and S7-1500 CPU families;
  • SIMATIC WinAC RTX software controller;
  • SIMATIC ET 200 modules for PROFINET IO;
  • development/evaluation kits for PROFINET IO;
  • SIMOTION field devices;
  • the SINAMICS converter family

and other devices.

Firmware updates for some products have already been released. The vendor is preparing further updates to close the vulnerability.

Until patches are available, Siemens recommends taking the following mitigation measures:

  • disable SNMP if possible;
  • protect network access to port 161/UDP of affected devices;
  • apply cell protection concept and use VPN to protect network communication between cells;
  • apply Defense-in-Depth.

Source: Siemens