OTPulse

Siemens Automation License Manager Uncontrolled Resource Consumption

Plan Patch · 8.6 · ICS-CERT ICSA-12-349-01 · Dec 12, 2012
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Uncontrolled resource consumption vulnerability in Automation License Manager versions 4.0 through 5.1. A remote attacker can send specially crafted packets to port 4410/tcp, causing the license manager service to become unresponsive or crash. This denial of service prevents legitimate users from acquiring or renewing software licenses, disrupting system administration and potentially preventing automation systems from starting or reconnecting after restart.

What this means
What could happen
An attacker can send malicious network packets to crash or hang the Automation License Manager, preventing engineers and operators from acquiring or renewing software licenses needed to run automation systems.
Who's at risk
Organizations using Siemens Automation License Manager (versions 4.0 through 5.1) to manage software licenses for PLCs, HMIs, and engineering workstations. Affects any facility using Siemens TIA Portal, STEP 7, or other licensed Siemens automation software that depends on centralized license management.
How it could be exploited
An attacker with network access to port 4410/tcp on the License Manager server sends specially crafted packets designed to consume excessive resources, causing the service to become unresponsive or crash. This blocks all downstream license requests from engineering workstations and production controllers.
Prerequisites
  • Network access to port 4410/tcp on the Automation License Manager server
  • Ability to send specially crafted network packets (no authentication required)
Tags: remotely exploitable · no authentication required · low complexity · affects license management (availability impact to automation systems)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product                     | Affected Versions | Fix Status
Automation License Manager  | ≥ 4.0, < 5.2      | 5.2
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Hotfix: Update Automation License Manager to version 5.2 or later
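The advisory's only stated fix is the upgrade to 5.2, but until that is rolled out a practitioner will want to notice quickly when the license service on 4410/tcp stops answering, since that is the symptom this denial of service produces. The following availability probe is an added example written for this page; it is not OTPulse, ICS-CERT or Siemens code and the advisory describes no such tooling. It assumes only that the License Manager listens on 4410/tcp as the advisory states; the host name, the probe interval and the alert threshold are placeholders to adjust. The local listener is included solely so the example runs offline against a constructed target. A successful TCP connect is a coarse signal: a hung service may still accept connections while no longer answering license requests, so this complements, rather than replaces, the vendor fix.

```python
import socket
import time

# Port used by Siemens Automation License Manager, as stated in the advisory.
ALM_PORT = 4410


def probe_tcp_service(host: str, port: int, timeout: float = 3.0) -> dict:
    """Attempt one TCP connection and classify the outcome.

    Returns {"state": ..., "latency_ms": ..., "detail": ...} where state is
    one of "up", "refused", "timeout" or "error". On a host that normally
    serves licences, "refused" (service crashed) or "timeout" (service hung
    or host unreachable) is what a resource-exhaustion DoS looks like
    from the outside.
    """
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            latency = (time.monotonic() - start) * 1000
            return {"state": "up", "latency_ms": round(latency, 1), "detail": ""}
    except ConnectionRefusedError as exc:
        return {"state": "refused", "latency_ms": None, "detail": str(exc)}
    except socket.timeout as exc:
        return {"state": "timeout", "latency_ms": None, "detail": str(exc)}
    except OSError as exc:
        # Name resolution failures, unreachable networks, etc.
        return {"state": "error", "latency_ms": None, "detail": str(exc)}


def should_alert(states: list, threshold: int = 3) -> bool:
    """Raise an alert only after `threshold` consecutive non-"up" probes.

    Requiring consecutive failures avoids paging on a single dropped
    connection while still catching a service that has stayed down.
    """
    if len(states) < threshold:
        return False
    return all(state != "up" for state in states[-threshold:])


def start_local_listener() -> tuple:
    """Constructed stand-in for a license server, used only so the example
    runs offline. Returns (listening_socket, port); the caller closes it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # ephemeral port chosen by the OS
    srv.listen(5)
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    # Placeholder target; replace with the real License Manager host and ALM_PORT.
    # Here a local listener is used instead so the script runs without network access.
    listener, port = start_local_listener()
    history = []
    for _ in range(2):
        history.append(probe_tcp_service("127.0.0.1", port)["state"])
    listener.close()  # simulate the service crashing
    for _ in range(3):
        history.append(probe_tcp_service("127.0.0.1", port)["state"])
        time.sleep(0.1)
    print("probe history:", history)
    print("alert:", should_alert(history, threshold=3))
```

In production the loop would run on a schedule against the License Manager host with ALM_PORT, log each result, and feed the state history into `should_alert`; an alert is the cue to check the service and, if the pattern repeats, to prioritise the 5.2 upgrade.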