Updates have been released for a vulnerability in Siemens Industrial Real-time Devices. The vulnerability is exploitable remotely with a low skill level required to exploit it. It’s an improper input validation vulnerability. An attacker sending a specially crafted packet could break the real-time synchronization of the affected installation, which may cause a denial-of-service condition.
CVE-2019-10923 has been assigned to this vulnerability.
Following updates are available.
The following updates can be obtained from a Siemens representative or via Siemens customer service.