

Rewterz Threat Advisory – CVE-2019-6568 – Siemens SINAMICS Denial of Service Vulnerability
August 16, 2019
Rewterz Threat Advisory – Multiple HTTP/2 Implementations Vulnerabilities
August 16, 2019
Rewterz Threat Advisory – CVE-2019-6568 – Siemens SINAMICS Denial of Service Vulnerability
August 16, 2019
Rewterz Threat Advisory – Multiple HTTP/2 Implementations Vulnerabilities
August 16, 2019Severity
High
Analysis Summary
An attacker may send large message packages repeatedly to the telnet service, which may allow a denial-of-service condition.
Impact
Denial of Service
Affected Vendors
Siemens
Affected Products
- SCALANCE X-200: All versions
- SCALANCE X-200IRT: All versions
- SCALANCE X-200RNA: All versions
Remediation
Siemens has identified the following specific workarounds and mitigation users can apply to reduce the risk:
- Disable telnet service on affected devices. Users should use SSH instead.
- Restrict network access to Port 23/TCP of the device.