OTPulse
FeedAboutContact

Siemens 7KT PAC1200 Data Manager

Act Now9.8ICS-CERT ICSA-17-278-02Oct 5, 2017
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

A remote code execution vulnerability exists in the Siemens 7KT PAC1200 data manager (model 7KT1260) from the SENTRON portfolio. The device fails to properly authenticate remote connections, allowing an attacker to execute arbitrary code without credentials. The vulnerability affects all firmware versions earlier than 2.03. Siemens has released firmware Version 2.03 as a fix and recommends updating to this version immediately. As a compensating control, administrators should restrict network access to the device using firewall rules and follow Siemens operational security guidelines to isolate the device in a protected environment.

What this means
What could happen
An attacker can remotely execute commands on the 7KT PAC1200 data manager without credentials, potentially disrupting power metering and energy data collection across your facility or allowing unauthorized modification of power monitoring settings.
Who's at risk
Electric utilities, energy management operations, and facilities using Siemens SENTRON 7KT PAC1200 data managers for power metering, monitoring, and energy data collection. The device typically sits on the plant network collecting real-time electrical consumption and power quality data from switchgear.
How it could be exploited
An attacker on the network can connect directly to the device and send a specially crafted request to trigger unauthenticated remote code execution. No prior authentication or complex interaction is required.
Prerequisites
  • Network access to the 7KT PAC1200 device
  • No valid credentials required
  • Device firmware version earlier than 2.03
remotely exploitableno authentication requiredlow complexitycritical CVSS (9.8)power metering/monitoring disruption possible
Exploitability
Moderate exploit probability (EPSS 2.6%)
Affected products (1)
ProductAffected VersionsFix Status
7KT PAC1200 data manager: All< 2.03V2.03
Remediation & Mitigation
0/3
Do now
0/1
WORKAROUNDRestrict network access to the 7KT PAC1200 using firewall rules; only allow connections from authorized engineering workstations and management systems
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate 7KT PAC1200 firmware to version 2.03 or later from Siemens support site
Long-term hardening
0/1
HARDENINGSegment the device onto a dedicated VLAN or industrial network isolated from general IT infrastructure
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/9998565b-171e-4dca-901a-a02a04c2ebb5
Siemens 7KT PAC1200 Data Manager | CVSS 9.8 - OTPulse