The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port and into the mirrored network. An attacker could exploit this vulnerability to transmit malicious packets to systems in the mirrored network to influence their configuration and runtime behavior.
This vulnerability could be exploited by an attacker with network access to the traffic-receiving network. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the confidentiality and availability of the traffic-generating network.
Feed data over a mirror port and into the mirrored network.
To reduce the risk of the vulnerability, vendor has identified the following workaround/mitigation.
Update to v4.1: https://support.industry.siemens.com/cs/ww/en/view/109762982