VULNERABILITIES / FIXES - December 21, 2012
by Carol~ - 12/21/12 9:10 AM
Siemens SIMATIC S7-1200 Two Denial of Service Vulnerabilities
Release Date : 2012-12-21
Criticality level : Less critical
Where : From local network
Solution Status : Unpatched
Operating System : Siemens SIMATIC S7-1200 2.x
Siemens SIMATIC S7-1200 3.x
Two vulnerabilities have been reported in SIMATIC S7-1200, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) An error when handling SNMP status information can be exploited to cause the device to enter defect mode via specially crafted packets sent to UDP port 161.
2) An error when handling TCP packets (ISO-TSAP) for device management can be exploited to cause the device to enter defect mode via specially crafted packets sent to TCP port 102.
The vulnerabilities are reported in all 2.x and 3.x versions.
The vendor is currently working on a fix. No official solution is currently available.
Provided and/or discovered by:
The vendor credits:
1) Prof. Dr. Hartmut Pohl, softScheck GmbH
2) Arne Vidstrom, Swedish Defence Research Agency (FOI)
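
With no fix available, a defender can at least watch which hosts reach the two services named above. The following is an added example, not part of the original post or the advisory: it scans flow records for traffic to PLCs on UDP 161 or TCP 102 from sources outside an allowlist. The PLC addresses, the allowed management subnet, the record format and the sample records are all constructed assumptions.

```python
import csv
import io
import ipaddress

# Ports named in the advisory: SNMP (UDP 161) and ISO-TSAP (TCP 102).
ADVISORY_PORTS = {("udp", 161), ("tcp", 102)}

# Assumptions (constructed): PLC addresses and the subnet of the
# engineering/management hosts that are expected to talk to them.
PLC_HOSTS = {ipaddress.ip_address("192.0.2.10"), ipaddress.ip_address("192.0.2.11")}
ALLOWED_SOURCES = [ipaddress.ip_network("192.0.2.128/28")]

# Constructed sample flow records: timestamp,proto,src,dst,dport
SAMPLE_FLOWS = """\
2012-12-21T09:00:01,tcp,192.0.2.130,192.0.2.10,102
2012-12-21T09:00:05,udp,198.51.100.7,192.0.2.10,161
2012-12-21T09:00:09,TCP,198.51.100.7,192.0.2.11,102
2012-12-21T09:00:12,tcp,198.51.100.7,192.0.2.11,80
2012-12-21T09:00:15,udp,192.0.2.131,192.0.2.11,161
2012-12-21T09:00:20,tcp,203.0.113.9,192.0.2.50,102
2012-12-21T09:00:25,tcp,not-an-ip,192.0.2.10,102
"""

def unexpected_flows(text):
    """Return flows to a PLC on an advisory port from a non-allowlisted source."""
    findings = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 5:
            continue  # skip blank or truncated records
        ts, proto, src, dst, dport = (field.strip() for field in row)
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue  # skip records with unparsable addresses or ports
        if dst_ip not in PLC_HOSTS:
            continue
        if (proto.lower(), port) not in ADVISORY_PORTS:
            continue
        if any(src_ip in net for net in ALLOWED_SOURCES):
            continue
        findings.append((ts, proto.lower(), str(src_ip), str(dst_ip), port))
    return findings

if __name__ == "__main__":
    for finding in unexpected_flows(SAMPLE_FLOWS):
        print("unexpected access:", finding)
```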