Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2

An attacker could crash the Automation License Manager service, preventing legitimate users and engineering workstations from obtaining or renewing software licenses for Siemens automation tools, which would block engineering activities and potentially prevent system startups that depend on valid licenses.

This affects organizations running Siemens Automation License Manager versions 4.0 through 5.1, including engineering departments that depend on this license server to authorize TIA Portal, PLCsim, and other Siemens automation tools. Any facility where engineering workstations check out licenses from this server is at risk of losing access to development and commissioning tools.

An attacker sends specially crafted network packets to port 4410/tcp on a system running Automation License Manager. The vulnerable service processes these packets without proper validation, causing it to crash or become unresponsive, denying service to all users attempting to license or use Siemens automation software.