all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SSA-459643 V1.0: Denial of Service Vulnerability in RUGGEDCOM ROS before V5.6.0

Add to bookmarks
Sept. 13, 2022, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

RUGGEDCOM ROS-based devices are vulnerable to a denial of service attack (Slowloris). By sending partial HTTP requests nonstop, with none completed, the affected web servers will be waiting for the completion of each request, occupying all available HTTP connections. The web server recovers by itself once the attack ends.


Siemens has released updates for the affected products and recommends to update to the latest versions.

attack connections denial of service denial of service attack devices http http requests partial request requests ros ruggedcom server servers service slowloris ssa the web vulnerability vulnerable web web server web servers

Visit resource

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-750274 V1.0: Impact of CVE-2024-3400 on RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual … 2 weeks, 4 days ago | cert-portal.siemens.com
addresses advisory alto countermeasures +22
SSA-222019 V1.0: X_T File Parsing Vulnerabilities in Parasolid 4 weeks ago | cert-portal.siemens.com
application applications attacker code +12
SSA-885980 V1.0: Multiple Vulnerabilities in Scalance W1750D 4 weeks ago | cert-portal.siemens.com
attacker buffer buffer overflow code +16
SSA-822518 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 … 4 weeks ago | cert-portal.siemens.com
advisory alto countermeasures customers +18
SSA-455250 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices 4 weeks ago | cert-portal.siemens.com
advisory alto countermeasures customers +18
SSA-265688 V1.0: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 4 weeks ago | cert-portal.siemens.com
countermeasures fix fixes gnu +7
SSA-730482 V1.0: Denial of Service Vulnerability in SIMATIC WinCC 4 weeks ago | cert-portal.siemens.com
attacker box denial of service dialog +14
SSA-556635 V1.0: Multiple Vulnerabilities in Telecontrol Server Basic before V3.1.2.0 4 weeks ago | cert-portal.siemens.com
1.2.0 basic fixes server +4
SSA-128433 V1.0: Multiple Vulnerabilities in SINEC NMS before V2.0 SP2 4 weeks ago | cert-portal.siemens.com
latest nms siemens sinec +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Operations Program Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Network Security engineer

@ NXP Semiconductors | Bengaluru (Nagavara)
View on infosec-jobs.com

DevSecOps Engineer

@ RP Pro Services | Washington, District of Columbia, United States
View on infosec-jobs.com

Consultant RSSI H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

TW Senior Test Automation Engineer (Access Control & Intrusion Systems)

@ Bosch Group | Taipei, Taiwan
View on infosec-jobs.com

Cyber Security, Senior Manager

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com
View more jobs