Siemens SCALANCE X-200 Vulnerability

Thursday, September 12, 2013 @ 03:09 PM gHale


Siemens created a firmware update that mitigates a Web hijack vulnerability in the SCALANCE X-200 switch product family, according to a report on ICS-CERT.

Siemens said the remotely exploitable vulnerability, discovered by researcher Eireann Leverett of IOActive, affects the following versions: SCALANCE X-200 switch family with firmware version prior to V5.0.0.

RELATED STORIES
ProSoft Patches PRNG Vulnerability
Triangle MicroWorks Fixes Bug
Schneider Radio Encryption Bug
Top Server OPC Vulnerability

In addition, the affected products may also be identifiable by their Machine-Readable Product Designation (MLFB). Products with the following MLFBs suffer from the issue:
• 6GK5224-0BA00-2AA3
• 6GK5216-0BA00-2AA3
• 6GK5212-2BB00-2AA3
• 6GK5212-2BC00-2AA3
• 6GK5208-0BA10-2AA3
• 6GK5206-1BB10-2AA3
• 6GK5206-1BC10-2AA3
• 6GK5204-2BB10-2AA3
• 6GK5204-2BC10-2AA3
• 6GK5208-0HA10-2AA6
• 6GK5204-0BA00-2AF2
• 6GK5208-0BA00-2AF2
• 6GK5206-1BC00-2AF2
• 6GK5204-2BC00-2AF2
• 6GK5204-2BB10-2CA2
Successful exploitation of this vulnerability may allow attackers to hijack Web sessions over the network without authentication.

Siemens is an international company headquartered in Munich, Germany. Siemens develops products mainly in the energy, transportation, and healthcare sectors. The affected products, SCALANCE X-200 switches, connect industrial components such as PLCs or HMIs. These switches use a Web-based interface that enables administrators to change device configuration using an Internet browser.

The authentication of the integrated Web server of SCALANCE X-200 switches might allow attackers to hijack Web sessions over the network without authentication because of insufficient entropy in its random number generator.

CVE-2013-5709 is the number for the vulnerability, which has a CVSS v2 base score of 8.3.

There are no public exploits specifically target this vulnerability right now and an attacker with a medium skill would be able to exploit this vulnerability.

Siemens produced a new version of SCALANCE X-200 firmware, V5.0.0. This new version fixes the Web hijack vulnerability. Users may obtain a copy of V5.0.0 at this Siemens Web site.

Click here for the Siemens security advisory.



Leave a Reply

You must be logged in to post a comment.