OTPulse

Siemens Sentron Powercenter 1000

Plan Patch | CVSS 7.5 | ICS-CERT ICSA-24-284-12 | Oct 8, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed

Summary

A vulnerability in the SIRIUS 3RV2921-5M motor starter (versions before 5.1) allows an attacker with network access to cause a denial of service condition, rendering the device unresponsive. The device will not respond to control commands until manually recovered. Siemens has released firmware version 5.1 with a fix.

What this means
What could happen
An attacker with network access to the SIRIUS 3RV2921-5M motor starter could cause it to stop responding, disrupting motor control and potentially halting equipment that depends on that motor, such as pumps or compressors in water and electrical systems.
Who's at risk
Water utilities and municipal electric utilities operating Siemens SIRIUS 3RV2921-5M motor starters for pump, compressor, or critical motor control systems should assess whether they have these devices in service.
How it could be exploited
An attacker sends network traffic to the vulnerable SIRIUS 3RV2921-5M device to trigger a denial of service condition, causing the device to become unresponsive and unable to control the connected motor.
Prerequisites
  • Network access to the SIRIUS 3RV2921-5M device
  • Device running firmware version prior to 5.1
  • No authentication credentials required
remotely exploitable · no authentication required · low complexity · affects motor control in critical infrastructure
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
SIRIUS 3RV2921-5M | < V5.1 | 5.1
Remediation & Mitigation
Do now
WORKAROUND: Implement physical isolation of the SIRIUS 3RV2921-5M device from network access when possible
HARDENING: Place the device behind a firewall and restrict network access to only authorized engineering and monitoring systems
HARDENING: Ensure the device is not directly accessible from the internet or business network; isolate it on a dedicated control system network
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SIRIUS 3RV2921-5M firmware to version 5.1 or later
Siemens Sentron Powercenter 1000 | CVSS 7.5 - OTPulse