Siemens created a firmware update that mitigates an authentication bypass vulnerability in the SINAMICS S/G product family, according to a report on ICS-CERT.
Siemens tested the update and confirmed it resolves the remotely exploitable vulnerability, which, if exploited, could allow an attacker to access administrative functions on the device without authentication.
The vulnerability affects the SINAMICS S/G family with firmware versions prior to 4.6.11.
Successful exploitation of this vulnerability may allow attackers to perform administrative operations over the network without authentication.
Siemens is an international company headquartered in Munich, Germany. Siemens develops products mainly in the energy, transportation, and healthcare sectors. The SINAMICS S/G family controls a variety of drives, especially in mechanical engineering and plant construction. In addition, the SINAMICS S/G family interacts with motion controllers used to coordinate synchronous operations or complex technology functions.
Two open ports and services on SINAMICS S/G devices, FTP (21/TCP) and Telnet (23/TCP), might allow attackers to perform administrative operations over the network without authentication. CVE-2013-6920 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 10.0.
While no known public exploits specifically target this vulnerability, an attacker with low skill would be able to exploit it.
Siemens has produced a firmware update, SINAMICS S/G V4.6.11 and 4.7, which resolves this vulnerability. Users should contact Siemens customer support to acquire the update.
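As an added example (not from ICS-CERT or Siemens), the following sketch triages an asset inventory against the advisory's two facts: firmware prior to 4.6.11 is affected, and FTP 21/TCP and Telnet 23/TCP are the services involved. The CSV layout, host names, firmware string format and the status labels are all assumptions made for illustration.

```python
import csv
import io
import re

FIXED = (4, 6, 11)                       # advisory: versions prior to 4.6.11 are affected
RISKY_PORTS = {21: "FTP", 23: "Telnet"}  # services named in the advisory

# Constructed sample inventory (hypothetical hosts and column layout).
SAMPLE_INVENTORY = """\
host,firmware,open_tcp_ports
drive-01,V4.5.2,21;23;102
drive-02,4.6.11,102
drive-03,V4.7,23
drive-04,4.6.9,102
drive-05,unknown,21
"""

def parse_version(text):
    """Return a 3-tuple of ints, or None if the string is not dotted-numeric."""
    m = re.fullmatch(r"[Vv]?\s*(\d+(?:\.\d+){0,2})", text.strip())
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))  # "4.7" -> (4, 7, 0)

def audit(inventory_csv):
    """Map host -> (status, exposed services); status labels are hypothetical."""
    findings = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        version = parse_version(row["firmware"])
        ports = {int(p) for p in row["open_tcp_ports"].split(";") if p.strip().isdigit()}
        exposed = sorted(RISKY_PORTS[p] for p in ports & set(RISKY_PORTS))
        if version is None:
            status = "review"    # firmware unreadable: check the device manually
        elif version >= FIXED:
            status = "ok"        # at or above the fixed release
        elif exposed:
            status = "urgent"    # affected firmware with FTP/Telnet reachable
        else:
            status = "update"    # affected firmware, services not seen as open
        findings[row["host"]] = (status, exposed)
    return findings

if __name__ == "__main__":
    for host, (status, exposed) in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status} {', '.join(exposed) or '-'}")
```

The port column only reflects where the scan was run from, so an "update" result still means the firmware is affected.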