Siemens Scalance X switch Denial of Service Vulnerability
Release date:
Updated on:
Affected Systems:
Siemens Scalance X Switches X-408
Siemens Scalance X Switches X-300
Description:
Bugtraq id: 72251
CVE (CAN) ID: CVE-2014-8479
Siemens Scalance X Switches is an industrial Ethernet switch product used to connect industrial components such as PLC or HMI.
A denial of service vulnerability exists on the implementation of the FTP server of the Siemens SCALANCE X-300, X-408 switch (earlier than firmware 4.0), remote attackers send crafted network packets to port 21/TCP, this vulnerability can cause DoS (restart ).
<* Source: Deja vu Security
Link: https://ics-cert.us-cert.gov/advisories/ICSA-15-020-01
*>
Suggestion:
Vendor patch:
Siemens
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://support.automation.siemens.com/WW/view/en/107178573
This article permanently updates the link address: