all InfoSec news
SSA-293562 V3.4 (Last Update: 2022-02-08): Denial of Service Vulnerabilities in PROFINET DCP Implementation of Industrial Products
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Several industrial devices are affected by two vulnerabilities that could allow an attacker to cause a denial of service condition via PROFINET DCP network packets under certain circumstances. The precondition for this scenario is a direct layer 2 access to the affected products. PROFIBUS interfaces are not affected.
Siemens has released updates for several affected products and recommends to update to the new versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
access attacker denial of service devices implementation industrial layer 2 network packets products scenario service ssa under update vulnerabilities