Yesterday the DHS ICS-CERT published an advisory for the Siemens SCALANCE X-200 switches concerning an authentication bypass vulnerability that was apparently self-identified. This advisory had previously been published on the US-CERT secure portal to allow owners an opportunity to correct the vulnerability prior to public disclosure.
ICS-CERT reports that a relatively low skilled attacker could remotely exploit this vulnerability to ‘perform administrative operations’ over the network.
The Siemens ProductCERT advisory noted that this vulnerability had been corrected in earlier firmware updates that were published to correct reported vulnerabilities in the X-200 and X-200IRT switch families. Both advisories recommend any users that had not previously upgraded to do so now.
Federal Shutdown Communications
It appears that communications between Siemens and ICS-CERT may have been adversely impacted by the current shut down. The same day that ICS-CERT published their initial advisory on the US-CERT secure portal the Siemens ProductCERT published their advisory on their open web page. I’m pretty sure that if ICS-CERT had understood that Siemens was publishing their advisory in an open forum then ICS-CERT would not have made their initial distribution to just the limited number of folks with access to the US-CERT secure portal.