OTPulse
FeedAboutContact

Denial-of-Service Vulnerability in TIM 1531 IRC

Act Now7.5SSA-419820Jun 8, 2021
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

TIM 1531 IRC (including SIPLUS NET variants) versions prior to 2.2 contain a denial-of-service vulnerability. A remote attacker can send a specially crafted packet to cause the device to crash or become unresponsive, disrupting network communication for any industrial processes that depend on the device.

What this means
What could happen
An attacker can remotely crash or render the TIM 1531 IRC network interface inoperable, causing the device to stop communicating with your network and potentially interrupting production systems that depend on it for connectivity or redundancy.
Who's at risk
Organizations using Siemens TIM 1531 IRC modules for industrial network connectivity in production automation, water systems, power distribution, or discrete manufacturing should prioritize this update. This device is typically used in control network infrastructure to provide redundancy or connectivity to remote sites.
How it could be exploited
An attacker sends a specially crafted network packet to the TIM 1531 IRC's network interface. The device fails to validate or handle the packet correctly, consuming resources or entering an error state that causes a crash or restart, dropping all network connections.
Prerequisites
  • Network access to the TIM 1531 IRC on its service port (typically reachable from your network or internet if exposed)
  • No credentials required
remotely exploitableno authentication requiredlow complexityhigh EPSS score (78.6%)affects network availability
Exploitability
High exploit probability (EPSS 78.6%)
Affected products (1)
ProductAffected VersionsFix Status
TIM 1531 IRC (incl. SIPLUS NET variants)< V2.22.2
Remediation & Mitigation
0/2
Do now
0/1
WORKAROUNDIf immediate patching is not possible, restrict network access to the TIM 1531 IRC using a firewall rule—allow only trusted engineer/SCADA workstations to communicate with the device on its service port
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate TIM 1531 IRC to firmware version 2.2 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/b30488cb-5782-4051-af18-edbf5834393a
Denial-of-Service Vulnerability in TIM 1531 IRC | CVSS 7.5 - OTPulse