Rewterz Threat Advisory – CVE-2019-13929 – Siemens SIMATIC IT UADM Vulnerability
October 9, 2019Rewterz Threat Alert – Ongoing njRAT Campaign Against Middle East
October 9, 2019Rewterz Threat Advisory – CVE-2019-13929 – Siemens SIMATIC IT UADM Vulnerability
October 9, 2019Rewterz Threat Alert – Ongoing njRAT Campaign Against Middle East
October 9, 2019Severity
Medium
Analysis Summary
CVE-2019-11477
The kernel is affected by an integer overflow when handling TCP Selective Acknowledgements, which could allow a remote attacker to cause a denial-of-service condition.
CVE-2019-11478
A remote attacker sending specially crafted TCP Selective Acknowledgment (SACK) sequences may cause a denial-of-service condition.
CVE-2019-11479
An attacker may exploit a vulnerability in the TCP retransmission queue implementation kernel when handling TCP Selective Acknowledgements (SACK) to cause a denial-of-service condition.
Impact
Denial of service
Affected Vendors
Siemens
Affected Products
Industrial Products
Remediation
Please see vendor’s advisory for the list of affected products and their available patches.