Siemens SCALANCE S613 DoS Hole

Wednesday, April 13, 2016 @ 09:04 AM gHale


Siemens identified a resource exhaustion vulnerability that causes a denial-of-service (DoS) condition in the SCALANCE S613 device, according to a report on ICS-CERT.

Siemens recommends customers contact Siemens customer support in order to obtain advice on a solution for the customer’s specific environment.

RELATED STORIES
Siemens Working on Patch for DROWN
Uniformance PHD DoS Mitigated
Moxa NPort Device Vulnerabilities
Pro-face Clears GP-Pro EX HMI Holes

The following Siemens SCALANCE versions suffer from the remotely exploitable vulnerability: SCALANCE S613 (MLFB: 6GK5613-0BA00-2AA3): All versions.

An attacker exploiting this vulnerability can cause the device to enter a state that requires a manual reboot to recover.

Siemens is a multinational company headquartered in Munich, Germany.

The affected product, Siemens SCALANCE firewall, sees use to protect trusted industrial networks from untrusted networks. It allows filtering of incoming and outgoing network connections in different ways.

Siemens SCALANCE deploys across several sectors including chemical, critical manufacturing, defense industrial base, energy, transportation systems, and water and wastewater systems. Siemens estimates this product sees use on a global basis.

Certain legitimate messages sent to Port 443/TCP could cause a denial-of-service condition affecting the integrated web server of affected devices. A manual reboot ends up needed to recover the web server of the device.

CVE-2016-3963 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

No known public exploits specifically target this vulnerability. However, an attacker with a low skill would be able to exploit this vulnerability.

Siemens recommends email contact Siemens Customer Support in order to obtain advice on a solution for the customer’s specific environment.

For more information on this vulnerability and more detailed mitigation instructions, see Siemens Security Advisory SSA-751155.