• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Advisory – Siemens SCALANCE Products Multiple Vulnerabilities
August 16, 2019
Rewterz Threat Advisory – CVE-2019-10942 – Siemens SCALANCE X Switches Denial of Service Vulnerability
August 16, 2019

Rewterz Threat Advisory – CVE-2019-6568 – Siemens SINAMICS Denial of Service Vulnerability

August 16, 2019

Severity

Medium

Analysis Summary

The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation, leading to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction.

Impact

  • Uncontrolled Resource Consumption
  • Denial of service

Affected Vendors

Siemens

Affected Products

  • SINAMICS GH150 v4.7
  • SINAMICS GH150 v4.8
  • SINAMICS GL150 v4.7
  • SINAMICS GL150 v4.8
  • SINAMICS GM150 v4.7
  • SINAMICS GM150 v4.8
  • SINAMICS SL150 v4.7
  • SINAMICS SL150 v4.8
  • SINAMICS SM120 v4.7
  • SINAMICS SM120 v4.8
  • SINAMICS SM150 v4.8

Remediation

Siemens recommends users update to v4.8 SP2 HF9.

  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.