Release date:
Updated on:
Affected Systems:
Siemens Scalance S Security Modules
Description:
--------------------------------------------------------------------------------
Siemens Scalance firewalls filter inbound and outbound network connections in several ways to protect trusted industrial networks.
Siemens Scalance firewalls contain multiple vulnerabilities that malicious users can exploit to mount brute-force attacks or cause a denial of service (DoS).
1) The web configuration interface applies no time delay after a failed logon, which makes brute-force attacks more feasible;
2) When processing the Profinet DCP protocol, a specially crafted DCP packet can cause the firewall to stop responding and interrupt the established VPN channel.
<* Source: Adam Hahn
Link: http://secunia.com/advisories/48680/
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-2
*>
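Issue 1 above is a missing delay after failed logons. The Python example below is added here for illustration and is not Siemens code or part of the advisory: it models a per-source delay that doubles after each failed logon and counts how many password guesses are actually checked in one hour with and without it. The class name, the delay parameters, the attempt rate and the 192.0.2.10 address are assumptions.

```python
class LogonThrottle:
    """Hypothetical per-source delay that doubles after each failed logon."""

    def __init__(self, base_delay=1.0, max_delay=300.0):
        self.base_delay = base_delay   # seconds of delay after the first failure
        self.max_delay = max_delay     # cap, so the delay never grows unbounded
        self.failures = {}             # source -> consecutive failed logons
        self.blocked_until = {}        # source -> earliest time of next attempt

    def allowed(self, source, now):
        """True if this source may submit credentials at time `now`."""
        return now >= self.blocked_until.get(source, 0.0)

    def record(self, source, success, now):
        """Record a logon result; return the delay (seconds) now imposed."""
        if success:
            # A successful logon clears the failure history for the source.
            self.failures.pop(source, None)
            self.blocked_until.pop(source, None)
            return 0.0
        count = self.failures.get(source, 0) + 1
        self.failures[source] = count
        delay = min(self.base_delay * 2 ** (count - 1), self.max_delay)
        self.blocked_until[source] = now + delay
        return delay


def guesses_processed(throttle, window_s, attempts_per_second=10,
                      source="192.0.2.10"):
    """Count wrong-password attempts that reach the credential check.

    throttle=None models the behaviour described in the advisory:
    no delay after a failed logon. The attempt rate is an assumption.
    """
    processed = 0
    for tick in range(window_s * attempts_per_second):
        now = tick / attempts_per_second
        if throttle is None:
            processed += 1
        elif throttle.allowed(source, now):
            processed += 1
            throttle.record(source, success=False, now=now)
    return processed


if __name__ == "__main__":
    print("no delay:  ", guesses_processed(None, 3600))
    print("with delay:", guesses_processed(LogonThrottle(), 3600))
```

The cap on the delay bounds how long a legitimate administrator has to wait after mistyping a password.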
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Siemens
-------
Siemens has released a security bulletin (siemens_security_advisory_ssa-268149) and patches for these issues:
siemens_security_advisory_ssa-268149: http://www.siemens.com/corporate-technology/
Link: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-2