Siemens SIMATIC S7-1200 Controller Bugs Let Remote Users Conduct Replay and Denial of Service Attacks - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Device (Embedded Server/Appliance) > Siemens SIMATIC Controller

Vendors: Siemens

Siemens SIMATIC S7-1200 Controller Bugs Let Remote Users Conduct Replay and Denial of Service Attacks

SecurityTracker Alert ID: 1025671

SecurityTracker URL: http://securitytracker.com/id/1025671

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Updated: Jun 16 2011

Original Entry Date: Jun 16 2011

Impact: Denial of service via network, Modification of user information

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 02.00.02; possibly other versions

Description: Two vulnerabilities were reported in the Siemens SIMATIC S7-1200 Controller. A remote user can cause denial of service conditions. A remote user can conduct man-in-the-middle attacks to replay commands.

A remote user can send specially crafted data to the target web service to overload the communications interface and cause the control process to stop. Firmware version 02.00.02 is affected.

A remote user with the ability to conduct a man-in-the-middle attack between the controller and the controlling computer can capture packets and replay commands.

Dillon Beresford of NSS Labs reported this vulnerability.

[Editor's note: ICS-CERT reports that there are additional vulnerabilities not described above that remain unpatched.]

Impact: A remote user can cause the control process to stop.

A remote user can conduct replay attacks.

Solution: The vendor has issued a firmware fix.

[Editor's note: The vendor's advisory at the time of this entry did not include version number or availability information for the firmware fix. Also, ICS-CERT reports that there are additional vulnerabilities not described above that remain unpatched.]

The vendor's advisory is available at:

http://support.automation.siemens.com/WW/llisapi.dll/csfetch/50428932/Siemens_Security_Advisory_SSA-625789.pdf

Vendor URL: www.siemens.com/ (Links to External Site)

Cause: Access control error, Authentication error, State error

Underlying OS:

Message History: None.

Source Message Contents

Date: Thu, 16 Jun 2011 20:52:58 +0000
Subject: Siemens SIMATIC Controller


S7-1200

SIEMENS-SSA-625789: Security Vulnerabilities in Siemens SIMATIC S7-1200 CPU

http://support.automation.siemens.com/WW/llisapi.dll/csfetch/50428932/Siemens_Security_Advisory_SSA-625789.pdf

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC