all InfoSec news
SSA-593272 V2.1 (Last Update: 2024-05-14): SegmentSmack in Interniche IP-Stack based Industrial Devices
Siemens ProductCERT Security Advisories cert-portal.siemens.com
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions.
The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service.
Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.
attackers availability can computation conditions devices industrial industrial devices packet products service siemens ssa stack tcp under update vulnerability