OTPulse
FeedAboutContact

Siemens SCALANCE S613 Denial-of-Service Vulnerability

Monitor5.3ICS-CERT ICSA-16-103-02Jan 14, 2016
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

SCALANCE S613 network switch allows remote attackers to cause a denial-of-service condition by sending specially crafted packets that cause the device to become unresponsive. The switch does not properly validate inbound packets, consuming resources without proper bounds checking. Affected versions: all versions.

What this means
What could happen
An attacker can cause the SCALANCE S613 network switch to become unresponsive, disrupting communications between field devices and control systems until the switch is manually rebooted.
Who's at risk
Water utilities, electric utilities, and other critical infrastructure operators who use SCALANCE S613 industrial network switches for control system communications. This affects any plant or facility where the S613 connects field instrumentation, programmable logic controllers, or remote terminal units to control networks.
How it could be exploited
An attacker with network access to the SCALANCE S613 switch can send specially crafted packets that trigger a denial-of-service condition. The switch processes these packets without proper validation, consuming resources and becoming unresponsive to legitimate network traffic.
Prerequisites
  • Network access to the SCALANCE S613 switch
  • No authentication required
  • Attacker can reach the switch from the network (directly or through routing)
remotely exploitableno authentication requiredlow complexityno patch availableindustrial network infrastructure dependency
Exploitability
Moderate exploit probability (EPSS 6.5%)
Affected products (1)
ProductAffected VersionsFix Status
SCALANCE S613 (MLFB 6GK5613-0BA00-2AA3): vers:all/*All versionsNo fix (EOL)
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDDeploy firewall rules to block untrusted traffic destined for the SCALANCE S613 switch
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

WORKAROUNDMaintain spare SCALANCE S613 units or have manual failover procedures ready to quickly restore network connectivity if the switch is compromised
Mitigations - no patch available
0/2
SCALANCE S613 (MLFB 6GK5613-0BA00-2AA3): vers:all/* has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGImplement network segmentation to restrict access to the SCALANCE S613 switch from only authorized engineering workstations and control systems
HARDENINGMonitor the switch for signs of denial-of-service attacks (rapid loss of connectivity, high error rates)
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/221b047f-e28b-4c78-b11a-a63239d72d05