Rewterz Threat Advisory – Microsoft OneDrive for Windows Elevation of Privilege Vulnerability
April 15, 2020Rewterz Threat Alert – TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover
April 15, 2020Rewterz Threat Advisory – Microsoft OneDrive for Windows Elevation of Privilege Vulnerability
April 15, 2020Rewterz Threat Alert – TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover
April 15, 2020Severity
Medium
Analysis Summary
CVE-2019-19300
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service.
Impact
- Uncontrolled Resource Consumption
- Denial of service
Affected Vendors
Siemens
Affected Products
- KTK
- SIDOOR
- SIMATIC
- SINAMICS
Remediation
Refer to ICS advisory for the list of affected versions and upgraded patches.