Siemens Scalance X200 Series Switch SNMPv3 Remote Security Bypass Vulnerability

Release date:
Updated on:

Affected Systems:
Siemens Scalance X-200 Series Switches
Description:
--------------------------------------------------------------------------------
Bugtraq id: 60168
CVE (CAN) ID: CVE-2013-3634
 
Siemens Scalance X200 series switches can be used to connect industrial components, such as PLC or HMI.
 
Scalance X200 IRT does not effectively verify user creden。 in SNMPv3 implementation. attackers can execute SNMP commands without creden.
 
<* Source: vendor

Link: http://secunia.com/advisories/53519/
Http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-1
*>

Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
 
If you cannot install patches immediately or upgrade the SCALANCE X-200IRT V5.1.0, NSFOCUS recommends that you take the following actions to mitigate threats:
 
* Disable SNMP or completely disable all read/write permissions.
 
Vendor patch:
 
Siemens
-------
Siemens has released a Security Bulletin (siemens_security_advisory_ssa-170686) and patches for this:
Siemens_security_advisory_ssa-170686: Vulnerabilities in Siemens Scalance X200 IRT Switch Family
Link: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-170686.pdf