ICSA-16-299-01  ·  Published 2025-06-05

Siemens SICAM RTU Devices Denial-of-Service Vulnerability

CVSS 7.5 HIGH

CVEs (1)

Remediations

  • Siemens provides firmware ETA4 Revision 08 for SM-2558 that fixes the vulnerability and recommends customers update to the fixed version. (http://w3.siemens.com/smartgrid/global/en/products-systems-solutions/substation-automation/substation-automation/Pages/Overview.aspx)
  • For the SM-2556 extension module, Siemens recommends customers contact the support center at: (mailto:[email protected])
  • Until patches can be applied, Siemens advises applying the following steps to mitigate the risk:
      • Use a firewall or the IPsec functionality of the SM-2558 module to restrict access to Port 2404/TCP.
      • The SICAM RTUs ADMINISTRATOR Security Manual: (http://www.downloads.siemens.com/download-center/d/SIC_RTUs_ADMIN_SECURITY_ENG.pdf?mandator=ic_sg&segment=Global&fct=downloadasset&pos=download&id1=DLA05_43299)
      • Always run RTUs in trusted networks.
  • As a general security measure, Siemens strongly recommends protecting network access with appropriate mechanisms (e.g., firewalls, segmentation, VPN). It is advised to configure the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment. Siemens recommends security guidelines to Secure Substation: (http://www.siemens.com/gridsecurity)
  • For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-296574 at the following location: (http://www.siemens.com/cert/advisories)
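
One way to check that the firewall restriction on Port 2404/TCP is holding once it is in place, as an added example that is not part of the Siemens or CISA advisory: it scans a flow-log export for accepted connections to 2404/TCP from sources outside an allowlist. The CSV layout, the IP addresses and the allowlisted subnet are constructed assumptions.

```python
import csv
import io
import ipaddress

IEC104_PORT = 2404  # port named in the advisory's mitigation step

# Assumption: the only subnet that should reach the RTUs on 2404/TCP.
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.0.0/28")]

# Constructed sample export: time,src,dst,dport,proto,action
SAMPLE_FLOWS = """\
2025-06-05T08:00:01Z,10.20.0.5,10.30.1.10,2404,tcp,accept
2025-06-05T08:00:07Z,10.40.7.22,10.30.1.10,2404,tcp,accept
2025-06-05T08:00:09Z,10.40.7.22,10.30.1.11,2404,tcp,drop
2025-06-05T08:00:12Z,10.20.0.6,10.30.1.10,443,tcp,accept
2025-06-05T08:00:15Z,not-an-ip,10.30.1.10,2404,tcp,accept
"""

def unexpected_iec104_flows(text, allowed=ALLOWED_SOURCES):
    """Return (violations, unparsed): accepted 2404/TCP flows from
    sources outside `allowed`, and rows that could not be parsed."""
    violations, unparsed = [], []
    for row in csv.reader(io.StringIO(text)):
        if not row:
            continue
        try:
            _ts, src, dst, dport, proto, action = (f.strip() for f in row)
            src_ip = ipaddress.ip_address(src)
            port = int(dport)
        except ValueError:
            unparsed.append(row)  # keep for manual review, never drop silently
            continue
        if proto.lower() != "tcp" or port != IEC104_PORT:
            continue
        if action.lower() != "accept":
            continue  # the firewall already blocked this flow
        if not any(src_ip in net for net in allowed):
            violations.append((src, dst))
    return violations, unparsed

if __name__ == "__main__":
    bad, junk = unexpected_iec104_flows(SAMPLE_FLOWS)
    for src, dst in bad:
        print(f"UNEXPECTED 2404/TCP: {src} -> {dst}")
    print(f"{len(junk)} unparsable row(s)")
```

Any reported flow means a host outside the allowlist can still reach an RTU on 2404/TCP, so the firewall or IPsec policy needs tightening.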

Affected Vendors

Siemens

Affected Products (7)

Siemens · SICAM AK SM-2558 extension ETA4 firmware <Revision_08
Siemens · SICAM TM 1703 SM-2558 extension ETA4 firmware <Revision_08
Siemens · SICAM BC 1703 SM-2558 extension ETA4 firmware <Revision_08
Siemens · SICAM AK 3 SM-2558 extension ETA4 firmware <Revision_08
Siemens · SICAM AK SM-2556 extension ETA2 firmware <=Revision_11.01
Siemens · SICAM TM SM-2556 extension ETA2 firmware <=Revision_11.01
Siemens · SICAM BC SM-2556 extension ETA2 firmware <=Revision_11.01
