all InfoSec news
SSA-102233 V2.1 (Last Update: 2023-04-11): SegmentSmack in VxWorks-based Industrial Devices
Siemens ProductCERT Security Advisories cert-portal.siemens.com
The products listed below contain a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service.
Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
attackers availability computation conditions countermeasures devices industrial latest packet products service siemens ssa tcp under update updates vulnerability vxworks