CVE-2013-6920

Name of the Vulnerable Software and Affected Versions Siemens SINAMICS S/G controllers versions prior to 4.6.11

Description The issue allows remote attackers to bypass intended access restrictions. This is possible because the controllers do not require authentication for FTP and TELNET sessions, allowing access via TCP traffic to port 21 or 23.

Recommendations For versions prior to 4.6.11, update the firmware to version 4.6.11 or later to address the issue. As a temporary workaround, consider restricting access to ports 21 and 23 to minimize the risk of exploitation.