PT-2018-2520 · Siemens · En100 Ethernet Module
Published: 2018-07-23 · Updated: 2019-03-22
CVE-2018-11452
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Firmware variant IEC 61850 for EN100 Ethernet module versions prior to V4.33
Firmware variant PROFINET IO for EN100 Ethernet module (all versions)
Firmware variant Modbus TCP for EN100 Ethernet module (all versions)
Firmware variant DNP3 TCP for EN100 Ethernet module (all versions)
Firmware variant IEC104 for EN100 Ethernet module versions prior to V1.22
Description
The issue is caused by insufficient input validation in the firmware of the Siemens communication module. If the oscillograph function is activated, an attacker with network access can cause a denial-of-service condition by sending specially crafted packets to port 102/tcp. This can compromise the availability of the system. No user interaction or privileges are required for exploitation. A manual restart is necessary to recover the module's functionality. At the time of advisory publication, there was no known public exploitation of this issue.
Recommendations
For Firmware variant IEC 61850 for EN100 Ethernet module versions prior to V4.33, update to version V4.33 or later.
For Firmware variant PROFINET IO for EN100 Ethernet module, restrict access to port 102/tcp until a fix is available.
For Firmware variant Modbus TCP for EN100 Ethernet module, avoid using the oscillograph function until the issue is resolved.
For Firmware variant DNP3 TCP for EN100 Ethernet module, consider disabling the oscillograph function as a temporary workaround.
For Firmware variant IEC104 for EN100 Ethernet module versions prior to V1.22, update to version V1.22 or later.
Fix
RCE
Affected Products
En100 Ethernet Module