Siemens SENTRON Powercenter 1000

Low RiskICS-CERT ICSA-24-347-10Dec 10, 2024

Summary

SENTRON Powercenter 1000 and 1100 devices are not affected by a denial of service vulnerability that can be triggered during BLE (Bluetooth Low Energy) pairing. An earlier version of this advisory incorrectly identified these products as vulnerable, but detailed analysis has confirmed they are not impacted by this issue.

What this means

What could happen

No impact. These devices are not vulnerable to the reported BLE pairing denial of service condition.

Who's at risk

Energy utilities operating Siemens SENTRON Powercenter 1000 and 1100 devices for electrical distribution monitoring and control. These devices are used in substation automation and power management systems where reliable operation is critical to grid stability and power delivery.

How it could be exploited

Not applicable. The devices are not vulnerable to this denial of service vulnerability.

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (2)

2 pending

ProductAffected VersionsFix Status

SENTRON Powercenter 1000 (7KN1110-0MC00)All versionsNo fix yet

SENTRON Powercenter 1100 (7KN1111-0MC00)All versionsNo fix yet

Remediation & Mitigation

0/3

Long-term hardening

0/3

HARDENINGProtect network access to SENTRON Powercenter devices with appropriate security mechanisms (firewall rules, network segmentation, access controls)

HARDENINGConfigure the environment according to Siemens' operational guidelines for Industrial Security

HARDENINGFollow recommendations in the SENTRON Powercenter product manuals for secure operation

CVEs (1)

CVE-2024-6657

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/055ed23d-b392-4c13-a9b6-1a305ee8167e