DNS Client Vulnerabilities in SIMOTICS CONNECT 400
Monitor · 6.5 · SSA-669158 · Apr 13, 2021
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary
SIMOTICS CONNECT 400 contains DNS Client vulnerabilities inherited from the Nucleus RTOS DNS Module (SSA-705111). These memory-safety and input-validation vulnerabilities can be exploited through crafted DNS requests. Siemens has released firmware updates that address them.
What this means
What could happen
An attacker on the network could exploit DNS Client vulnerabilities in the SIMOTICS CONNECT 400 device to cause service disruption or potentially read sensitive data from device memory, affecting communication and monitoring of connected motor systems.
Who's at risk
Motor control system operators using SIMOTICS CONNECT 400 devices in industrial and utility settings. This affects any facility using Siemens SIMOTICS motor starters with the CONNECT 400 connectivity module for remote monitoring or control.
How it could be exploited
An attacker with network access to the SIMOTICS CONNECT 400 device could send crafted DNS requests that trigger memory safety issues in the DNS client module. This could cause the device to crash (denial of service) or leak sensitive information from the device's memory through malformed DNS responses.
Prerequisites
- Network access to the SIMOTICS CONNECT 400 device or its network segment
- Device must be configured to perform DNS queries
- Attack complexity is high (specific conditions or timing required for exploitation)
remotely exploitable · low EPSS score (0.9%) · affects device availability
Exploitability
Low exploit probability (EPSS 0.9%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
SIMOTICS CONNECT 400 | < V0.5.0.0 | 0.5.0.0
SIMOTICS CONNECT 400 | ≥ V0.5.0.0 < V1.0.0.0 | 1.0.0.0
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
SIMOTICS CONNECT 400
HOTFIX: Update SIMOTICS CONNECT 400 versions prior to V0.5.0.0 to firmware version 0.5.0.0 or later
HOTFIX: Update SIMOTICS CONNECT 400 versions V0.5.0.0 or later to firmware version 1.0.0.0 or later
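An added example (not from Siemens or from this page) that triages an asset inventory against the affected-version table above; the hostnames and inventory entries are constructed. It follows a row's fix version into later rows, because per the table 0.5.0.0 itself lies inside the second affected range.

```python
import re

# Affected ranges from the advisory table above, as
# (inclusive lower bound or None, exclusive upper bound, fix version).
ADVISORY_ROWS = [
    (None, (0, 5, 0, 0), (0, 5, 0, 0)),
    ((0, 5, 0, 0), (1, 0, 0, 0), (1, 0, 0, 0)),
]

# Constructed sample inventory: (hostname, firmware string as reported).
INVENTORY = [
    ("sc400-pump-01", "V0.4.2.0"),
    ("sc400-pump-02", "0.5.0.0"),
    ("sc400-fan-01", "V1.0.0.0"),
    ("sc400-fan-02", "unknown"),
]

def parse_version(text):
    """Parse 'V0.5.0.0' or '0.5.0.0' into a 4-int tuple; None if malformed."""
    m = re.fullmatch(r"\s*[Vv]?(\d+)\.(\d+)\.(\d+)\.(\d+)\s*", text)
    return tuple(int(g) for g in m.groups()) if m else None

def triage(firmware):
    """Return (status, target firmware) for one reported firmware string."""
    version = parse_version(firmware)
    if version is None:
        return ("unknown", None)  # unparseable: read the version off the device
    target = None
    # Rows are ordered by version. After a match, continue from that row's fix
    # version so a fix that is itself listed as affected is not the final target.
    for low, high, fix in ADVISORY_ROWS:
        current = target or version
        if (low is None or current >= low) and current < high:
            target = fix
    if target is None:
        return ("not affected", None)  # outside both ranges of this advisory
    return ("affected", ".".join(str(part) for part in target))

def report(inventory):
    """Map hostname -> (status, target firmware) for every inventory entry."""
    return {host: triage(fw) for host, fw in inventory}

if __name__ == "__main__":
    for host, (status, target) in report(INVENTORY).items():
        print(f"{host}: {status}" + (f", update to {target} or later" if target else ""))
```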
Long-term hardening
SIMOTICS CONNECT 400
HARDENING: Implement network segmentation to restrict access to SIMOTICS CONNECT 400 devices from untrusted network segments
All products
HARDENING: Monitor for DNS query anomalies or unexpected device restarts that could indicate exploitation attempts
API:
/api/v1/advisories/f495fff5-6923-41f6-b788-2a0b48f81468