CVE Number – CVE-2019-6569
A vulnerability was identified in several SCALANCE X switches that could allow an attacker to feed information into a network via the mirror port with the monitor barrier feature enabled.
The monitor barrier implementation in various SCALANCE products allows traffic to be directed back into the mirroring network. An attacker might use this to feed information back into the network that is mirrored.
SCALANCE X switches are used to connect industrial components like Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs).
Siemens has identified the following specific workaround/mitigation that users can implement to reduce the risk associated with this vulnerability in SCALANCE XP/XC/XF-200:
- Update to v4.1: https://support.industry.siemens.com/cs/ww/en/view/109762982
Until a software update can be installed, Siemens recommends that users apply defense-in-depth principles, particularly ensuring that no devices that transmit data back in the mirroring network are operated within the mirrored network.
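One way to check the condition in the recommendation above, as an added example that is not from Siemens or the original advisory: compare two readings of the ingress counters on each mirror destination port and flag any growth, which means a device on the monitoring side is transmitting. The port names, the counter values and the assumption that the counters are collected as IF-MIB `ifInOctets`/`ifInUcastPkts` readings are constructed for illustration.

```python
"""Audit mirror-destination ports for ingress traffic between two counter snapshots."""

COUNTER32_MOD = 2 ** 32  # IF-MIB ifInOctets / ifInUcastPkts are Counter32 and wrap

# Constructed sample data: per-port ingress counters read twice, some minutes apart.
# Port names and values are illustrative, not taken from a real device.
SNAPSHOT_T0 = {
    "port-1": {"ifInOctets": 4_100_200, "ifInUcastPkts": 31_000},
    "port-7": {"ifInOctets": 0, "ifInUcastPkts": 0},
    "port-8": {"ifInOctets": 4_294_967_000, "ifInUcastPkts": 120},
}
SNAPSHOT_T1 = {
    "port-1": {"ifInOctets": 4_950_700, "ifInUcastPkts": 36_500},
    "port-7": {"ifInOctets": 0, "ifInUcastPkts": 0},
    "port-8": {"ifInOctets": 1_204, "ifInUcastPkts": 133},
}
MONITOR_PORTS = {"port-7", "port-8"}  # assumed: ports configured as mirror destinations


def counter_delta(before: int, after: int, modulus: int = COUNTER32_MOD) -> int:
    """Growth of a wrapping counter; assumes at most one wrap between the two reads."""
    return (after - before) % modulus


def audit_monitor_ports(t0: dict, t1: dict, monitor_ports: set) -> list:
    """Return one finding per monitor port that received frames between t0 and t1."""
    findings = []
    for port in sorted(monitor_ports):
        if port not in t0 or port not in t1:
            # A port we cannot read is reported rather than silently treated as clean.
            findings.append({"port": port, "status": "missing-data"})
            continue
        # ifInOctets covers all received frames, including broadcast and multicast.
        octets = counter_delta(t0[port]["ifInOctets"], t1[port]["ifInOctets"])
        pkts = counter_delta(t0[port]["ifInUcastPkts"], t1[port]["ifInUcastPkts"])
        if octets or pkts:
            findings.append({"port": port, "status": "ingress-seen",
                             "octets": octets, "unicast_pkts": pkts})
    return findings


if __name__ == "__main__":
    for finding in audit_monitor_ports(SNAPSHOT_T0, SNAPSHOT_T1, MONITOR_PORTS):
        print(finding)
```

A passive monitoring device should leave these counters flat, so any finding identifies a port whose attached device needs to be reviewed before relying on the mirror setup.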