SSA-783261

Siemens Security Advisory by Siemens ProductCERT

SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2

Publication Date:	2012-12-12
Last Update:	2026-02-10
Current Version:	V1.1
CVSS v3.1 Base Score:	8.6
CVSS v4.0 Base Score:	9.2

SUMMARY

A vulnerability was identified in the Automation License Manager software before V5.2 that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial of service preventing legitimate users from using the system.

Siemens has released a new version for Automation License Manager and recommends to update to the latest version.

KNOWN AFFECTED PRODUCTS

Un-/Collapse All

Affected Product and Versions	Remediation
Automation License Manager All versions >= V4.0 < V5.2 affected by CVE-2012-4691	Update to V5.2 or later version https://support.industry.siemens.com/cs/ww/en/view/114358/ See further recommendations from section Mitigations

MITIGATIONS

Siemens has identified the following specific mitigations that customers can apply to reduce the risk:

If remote connections are needed, limit remote access to port 4410/tcp to trusted systems only
On the Automation License Manager settings menu disable "Allow Remote Connections"

Product-specific remediations or mitigations can be found in the section Known Affected Products.
Please follow the General Security Recommendations.

GENERAL SECURITY RECOMMENDATIONS

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

PRODUCT DESCRIPTION

Automation License Manager (ALM) centrally manages license keys for various Siemens software products.

VULNERABILITY DESCRIPTION

Un-/Collapse All

This chapter describes all vulnerabilities (CVE-IDs) addressed in this security advisory. Wherever applicable, it also documents the product-specific impact of the individual vulnerabilities.

Vulnerability CVE-2012-4691

Specially crafted packets sent to port 4410/tcp cause memory leaks within the application. This could allow a remote unauthenticated attacker to crash the application due to insufficient resources. This denial of service condition could prevent legitimate users from using subsequent products that rely on the affected application for license verification.

CVSS v3.1 Base Score	8.6
CVSS v3.1 Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CVSS v4.0 Base Score	9.2
CVSS v4.0 Vector	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
CWE	CWE-400: Uncontrolled Resource Consumption

ADDITIONAL INFORMATION

Note that the default setting of the Windows firewall is to block the port used by ALM (4410/tcp) for all networks except the local subnet. If this setting has not been changed by the administrator, the vulnerability cannot be exploited from remote networks.

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

HISTORY DATA

V1.0 (2012-12-12):	Publication Date
V1.1 (2026-02-10):	Used CVE ID (CVE-2012-4691) instead of the deprecated SVE ID (SVE-2012-0001); Corrected CVSS vector; Updated SSA to current data model and support of csaf

The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.