all InfoSec news
SSA-185699 V1.2 (Last Update: 2022-01-11): Out of Bounds Write Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as “NAME:WRECK” vulnerabilities. The vulnerabilities described in this advisory are from this set.
The DNS client of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains two out of bounds write vulnerabilities in the handling of DNS responses that could allow an attacker to cause a denial-of-service condition or to remotely execute code.
Siemens has released updates for several affected products and recommends to …
advisory client dns dns client name networking nucleus operating system real researchers rtos security security researchers ssa system update vulnerabilities