Medium
CVE-2019-10927
An authenticated attacker with network access to Port 22/TCP of an affected device may cause a denial-of-service condition.
This security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device.
CVE-2019-10928
An authenticated attacker with access to Port 22/TCP as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands.
The security vulnerability could be exploited by an authenticated attacker with physical access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the confidentiality, integrity, and availability of the affected device.
Siemens
Siemens currently has an update for the following product: