Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2013.0001 Denial-of-Service Vulnerabilities in SIMATIC S7-1200 PLCs 2 January 2013 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Siemens SIMATIC S7-1200 PLC Operating System: Network Appliance Impact/Access: Denial of Service -- Remote/Unauthenticated Resolution: Mitigation Member content until: Friday, February 1 2013 OVERVIEW A denial of service vulnerability has been identified in the Siemens S7-1200 PLCs. [1] IMPACT The vendor has provided the following information regarding this vulnerability: "Siemens SIMATIC S7-1200 PLCs, version 2 and higher, allow device management over TCP port 102 (ISO-TSAP) and retrieving status information over UDP port 161 (SNMP). It is possible to cause the device to go into defect mode by sending specially crafted packets to these ports. Siemens is preparing a solution for these issues that will be available in the next scheduled product update. Customers will be advised when this release is available." [1] MITIGATION The vendor has provided the following mitigation to reduce the risk of this vulnerability: "Siemens is preparing a solution for these issues that will be available in the next scheduled product update. Customers will be advised and this advisory will be updated when the new release is available. The affected software components are implemented under the assumption of running in a protected network environment. Siemens strongly recommends to protect systems according to recommended security practices in [2] and to configure the environment according to operational guidelines [3]." [1] REFERENCES [1] SSA-724606: Denial-of-Service Vulnerabilities in SIMATIC S7-1200 PLCs http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-724606.pdf [2] Recommended security practices by US-CERT http://www.us-cert.gov/control_systems/practices/Recommended_Practices.html [3] An overview of the operational guidelines for Industrial Security (with the cell protection concept) http://www.industry.siemens.com/topics/global/en/industrial-security/Documents/operational_guidelines_industrial_security_en.pdf AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUOPT+u4yVqjM2NGpAQIH9hAAmOrZPzI03JUgQy12VTZNBbZsocPffHde jag3moj5N42spz1Eig3Kr6CHAiCDnvXFjujCAA3IE0Ab8joA1bzOgVvsHczyuYvE Zh1KoeEKRPyG2vqQKD2czxgqEw9Fb8qBYk1PXkzTaTmleAMYwCxzQqi1FfVXu0G1 OMc9QCmjFBIUzdCZykFzCSMz1QUq7MfwR+sSsVPW6+XOpuJ5xulTxJB1Qjh1CbY/ j7BL8fIpu1N6l7qT5teFlyE4Pg5XIxN5v+cBBR4wwN106M0+VyTjdDoDV0Sn//CH fj/hZczCAUXslNbPQMymzHWw88OYP1sLIeNmwMslbUjh05sEdGNdo35vUjAUlSy4 TgkfDnK0oN7q5CavD86L/3SfEjfBH0sy8I9aasCT5kPGTCXVF7mGQ03Nq7P0a+n8 hCEohKf4XDu59ejpKLKb4Dlq05y3YsuwCU9V24xHChhtsPpJhETBBFE0oI7fMY8j iL4j0u3uUCeSgylYDLLyYy0zjt/M52TR58/tMM4J/pOvVCe5P7M9fh6LCvXJyGn6 IkUuBEEkK6S3jtAxgZtDIW0ISSnQONA3+cv2VJILRJpc90o0ZKbHLzMSwJHgz6JD mHf61Rz9NykxVg/RcDYHs3iEIecQ8rzijlBiszy9Ge3B93h72P2Vn9hlu1Cr25Q5 LxQtK88QSGQ= =63kB -----END PGP SIGNATURE-----