GuidePedia

728x90 AdSpace

Latest News

Monday, 13 January 2014

Vulnerability in Siemens Switches allows hackers to gain admin access

A Security researcher has discovered two potential vulnerabilities in Siemens Ethernet switches allows a remote attacker to perform administrative operations.

The vulnerabilities were discovered by Eireann Leverett, Senior security consultant for IOActive and have been reported to Siemens.

The first vulnerability(CVE-2013-5944) could allow hackers to perform administrative operation over the network without authentication.

Sponsored Links
The Second vulnerability (CVE-2013-5709) could allow hackers to hijack web sessions over the network without authentication. This is due to insufficient entropy in its random number generator.

Siemens produced a patch within 3 months.  Customers of Siemens are advised to apply the SCALANCE X-200 firmware update.

Eireann is scheduled to demonstrate the vulnerabilities and release proof-of-concept code for organizations to check their own devices, at next week's S4 SCADA security conference in Miami.


Dated: Monday, January 13, 2014



Vulnerability in Siemens Switches allows hackers to gain admin access
  • Site Comments
  • Facebook Comments

0 comments:

Post a Comment

Top