Siemens Security Advisory by Siemens ProductCERT SSA

Siemens Security Advisory by Siemens ProductCERT
SSA-742938:
Open Ports in SINAMICS S/G Firmware
Publication Date
Last Update
Current Version
CVSS Overall Score
2013-12-04
2013-12-17
1.2
7.8
Summary:
A potential vulnerability was discovered in the SINAMICS S/G converter family which might
allow attackers to access administrative functions on the device without authentication.
Siemens addresses the issue by a firmware update.
AFFECTED PRODUCTS
SINAMICS G120 with firmware version < V4.6 HF11
Alternatively, the affected products may be identified by using their MLFB. Products with the
following MLFBs are affected (character ‘x’ is a wildcard):
6SL3544-0Fx2x-1Fx0
6SL3243-0BB30-1FAx
6SL3244-0BB1x-1FA0
6SL3246-0BA22-1FA0
6SL3210-1KExx-xxFx
DESCRIPTION
The SINAMICS S/G converter family is used to control a wide variety of drives, especially in
mechanical engineering and plant construction. They also interact with motion controllers,
which are used among other things to coordinate synchronous operations or complex
technology functions.
Open ports and services might allow an attacker to access administrative functions on the
affected devices.
Detailed information about the vulnerability is provided below.
VULNERABILITY CLASSIFICATION
The vulnerability classification has been performed by using the CVSSv2 scoring system
(http://www.first.org/cvss/). The CVSS environmental score is specific to the customer's
environment and will impact the overall CVSS score. The environmental score should
therefore be individually defined by the customer to accomplish final scoring.
Vulnerability Description (CVE-2013-6920)
Open ports and services (FTP 21/tcp and Telnet 23/tcp) might allow attackers to access
administrative functions of the affected devices over the network without authentication.
CVSS Base Score
CVSS Temporal Score
CVSS Overall Score
10.0
7.8
7.8 (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Mitigating factors:
The attacker must have network access to the affected device.
SSA-742938
© Siemens AG 2013
Page 1 of 2
Siemens Security Advisory by Siemens ProductCERT
SOLUTION
Siemens provides firmware update V4.6 HF11 for SINAMICS G120 which fixes the potential
vulnerability by closing the affected open ports and services [1].
As a general security measure Siemens strongly recommends to protect network access to
the interface of SINAMICS S/G with appropriate mechanisms. It is advised to follow
recommended security practices [4] and to configure the environment according to
operational guidelines [2] in order to run the devices in a protected IT environment.
ADDITIONAL RESOURCES
[1] The firmware update can be obtained from your local Siemens account manager.
[2] An overview of the operational guidelines for Industrial Security (with the cell protection
concept):
http://www.industry.siemens.com/topics/global/en/industrialsecurity/Documents/operational_guidelines_industrial_security_en.pdf
[3] Information about Industrial Security by Siemens:
http://www.siemens.com/industrialsecurity
[4] Recommended security practices by ICS-CERT:
http://ics-cert.us-cert.gov/content/recommended-practices
[5] For further inquiries on vulnerabilities in Siemens products and solutions, please
contact the Siemens ProductCERT:
http://www.siemens.com/cert/advisories
HISTORY DATA
V1.0 (2013-12-04):
V1.1 (2013-12-04):
V1.2 (2013-12-17):
Publication date
Updated download information
Updated affected products (MLFBs) and firmware update version
DISCLAIMER
See: http://www.siemens.com/terms_of_use
SSA-742938
© Siemens AG 2013
Page 2 of 2