Web Vulnerabilities in SCALANCE S-600 Family

Plan Patch7.5SSA-591405Feb 11, 2020

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Multiple web vulnerabilities exist in SCALANCE S-600 family firmware (versions 3.0 through 4.0). These include Improper Neutralization of Input During Web Page Generation (CWE-80) and Uncontrolled Resource Consumption (CWE-400). The vulnerabilities allow remote attackers to conduct denial-of-service attacks or perform cross-site scripting attacks against the device web management interface without authentication.

What this means

What could happen

An attacker could conduct denial-of-service attacks against SCALANCE S-600 switches, rendering them unavailable and disrupting network connectivity for critical plant operations. Cross-Site Scripting attacks could also compromise the web management interface, allowing unauthorized configuration changes.

Who's at risk

Water authorities and electric utilities managing network infrastructure should prioritize this. It affects SCALANCE S-600 family Ethernet switches (S602, S612, S623, S627-2M), which are commonly used in industrial networks to connect PLCs, RTUs, field sensors, and SCADA servers. Any plant relying on these switches for critical process network connectivity is at risk of operational disruption.

How it could be exploited

An attacker with network access to the management port (typically port 80/443) could send specially crafted web requests to trigger denial-of-service conditions or inject malicious scripts into the web interface. No authentication is required to exploit these vulnerabilities.

Prerequisites

Network access to the SCALANCE S-600 device management interface (HTTP/HTTPS ports)
No authentication required

remotely exploitableno authentication requiredlow complexityaffects network availabilitydenial-of-service capable

Exploitability

Low exploit probability (EPSS 0.6%)

Affected products (4)

4 with fix

ProductAffected VersionsFix Status

SCALANCE S602≥ V3.0 and < V4.14.1

SCALANCE S612≥ V3.0 and < V4.14.1

SCALANCE S623≥ V3.0 and < V4.14.1

SCALANCE S627-2M≥ V3.0 and < V4.14.1

Remediation & Mitigation

0/4

Do now

0/2

HARDENINGRestrict network access to the management interface using firewall rules to only authorized engineering workstations and monitoring systems

WORKAROUNDDisable web management interface if not actively used; manage devices via console port or SSH only

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SCALANCE S-600 devices (S602, S612, S623, S627-2M) to firmware version 4.1 or later

Long-term hardening

0/1

HARDENINGSegment network to isolate management access to SCALANCE devices behind a management VLAN or air gap

CVEs (3)

CVE-2019-6585 CVE-2019-13925 CVE-2019-13926

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/b0054e94-dc9c-4484-bcd3-85bfa9cf4b8f