Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Siemens SIPROTEC DoS (SCADA)

High

Synopsis

A Denial of Service (DoS) attack targeting Siemens SIPROTEC has been detected.

Description

Siemens SIPROTEC contains a flaw in the EN100 module that is triggered when handling data sent to a service listening on port 50000/UDP. With a specially crafted request, a remote attacker can cause the service to stop responding, requiring a reboot in order to restore functionality.

Solution

Confirm that the installed version is SIPROTEC 4.5 or later. If that version cannot be obtained, ensure that this hardware is running in compliance with corporate standards and security guidelines.