Rewterz Threat Advisory – Siemens SCALANCE Products Multiple Vulnerabilities
August 16, 2019Rewterz Threat Advisory – CVE-2019-10942 – Siemens SCALANCE X Switches Denial of Service Vulnerability
August 16, 2019Rewterz Threat Advisory – Siemens SCALANCE Products Multiple Vulnerabilities
August 16, 2019Rewterz Threat Advisory – CVE-2019-10942 – Siemens SCALANCE X Switches Denial of Service Vulnerability
August 16, 2019Severity
Medium
Analysis Summary
The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation, leading to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction.
Impact
- Uncontrolled Resource Consumption
- Denial of service
Affected Vendors
Siemens
Affected Products
- SINAMICS GH150 v4.7
- SINAMICS GH150 v4.8
- SINAMICS GL150 v4.7
- SINAMICS GL150 v4.8
- SINAMICS GM150 v4.7
- SINAMICS GM150 v4.8
- SINAMICS SL150 v4.7
- SINAMICS SL150 v4.8
- SINAMICS SM120 v4.7
- SINAMICS SM120 v4.8
- SINAMICS SM150 v4.8
Remediation
Siemens recommends users update to v4.8 SP2 HF9.