Siemens SIPROTEC DoS (SCADA)
High Nessus Network Monitor Plugin ID 700132
SynopsisA Denial of Service (DoS) attack targeting Siemens SIPROTEC has been detected.
DescriptionSiemens SIPROTEC contains a flaw in the EN100 module that is triggered when handling data sent to a service listening on port 50000/UDP. With a specially crafted request, a remote attacker can cause the service to stop responding, requiring a reboot in order to restore functionality.
SolutionConfirm that the installed version is SIPROTEC 4.5 or later. If that version cannot be obtained, ensure that this hardware is running in compliance with corporate standards and security guidelines.