GAI NetConsultSep 18

๐Ÿ”Ž ๐—ฉ๐˜‚๐—น๐—ป๐—ฒ๐—ฟ๐—ฎ๐—ฏ๐—ถ๐—น๐—ถ๐˜๐˜† ๐—ถ๐—ป ๐—ฆ๐—ถ๐—ฒ๐—บ๐—ฒ๐—ป๐˜€ ๐—ฆ๐—œ๐—ฃ๐—ฅ๐—ข๐—ง๐—˜๐—– ๐Ÿฑ ๐—œ๐—ฑ๐—ฒ๐—ป๐˜๐—ถ๐—ณ๐—ถ๐—ฒ๐—ฑ

Our Technical Security Audit team has identified a vulnerability in ๐—ฆ๐—ถ๐—ฒ๐—บ๐—ฒ๐—ป๐˜€ ๐—ฆ๐—œ๐—ฃ๐—ฅ๐—ข๐—ง๐—˜๐—– ๐Ÿฑ ๐—ฑ๐—ฒ๐˜ƒ๐—ถ๐—ฐ๐—ฒ๐˜€:
โš ๏ธ The USB port may allow attacks due to improper bandwidth limitation.

๐Ÿ“Œ Description:
Affected SIPROTEC 5 devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack. During this restart the protection function is not available.

๐Ÿ“„ The full advisory is available here: https://www.gai-netconsult.de/wp-content/uploads/2025/09/Advisory-GAINC-2025-001-1.0.pdf

โš ๏ธ Please follow the manufacturerโ€™s guidance and updates.

๐ŸŒ An overview of further advisories can be found on our website: www.gai-netconsult.de/advisories

๐Ÿ‘ Congratulations to our colleagues ๐— ๐—ฎ๐—ฟ๐—ฐ ๐—–๐˜‚๐—ป๐˜† and ๐—ง๐—ผ๐—ฟ๐—ฎ๐—น๐—ณ ๐—š๐—ถ๐—บ๐—ฝ๐—ฒ๐—น for this discovery.

#CyberSecurity #SecurityAdvisory #Vulnerability #ITSecurity #GAINetConsult #SecurityNotice