SSA-592007 V1.7 (Last Update: 2022-06-14): Denial-of-Service Vulnerability in Industrial Products | allinfosecnews.com

June 14, 2022, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

Several industrial controllers are affected by a security vulnerability that could allow an attacker to cause a Denial-of-Service condition via PROFINET DCP network packets under certain circumstances. Precondition for this scenario is a direct OSI Layer 2 access to the affected products. PROFIBUS interfaces are not affected.

Siemens has released updates for several affected products, is working on updates for the remaining affected products and recommends specific countermeasures until fixes are available.

access attacker controllers industrial layer 2 network packets products scenario security security vulnerability service siemens ssa under update vulnerability

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-923361 V1.0: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0011 6 days ago | cert-portal.siemens.com

application arbitrary code arbitrary code execution code +9

SSA-871704 V1.0: Multiple Vulnerabilities in SICAM Products 6 days ago | cert-portal.siemens.com

code code execution device escalation +14

SSA-925850 V1.0: Improper Access Control in Polarion ALM 6 days ago | cert-portal.siemens.com

access access control access controls apache +11

SSA-976324 V1.0: Multiple IGS File Parsing Vulnerabilities in PS/IGES Parasolid Translator Component before V27.1.215 6 days ago | cert-portal.siemens.com

application crash file files +6

SSA-953710 V1.0: Vulnerabilities in the Network Communication Stack in Desigo Fire Safety UL and Cerberus … 6 days ago | cert-portal.siemens.com

access attacker buffer buffer overflow +17

SSA-916916 V1.0: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.5 6 days ago | cert-portal.siemens.com

application arbitrary files attacker attacks +18

SSA-935500 V1.1 (Last Update: 2024-05-14): Denial of Service Vulnerability in FTP Server of Nucleus RTOS … 6 days ago | cert-portal.siemens.com

countermeasures fix fixes latest +6

SSA-962515 V1.0: Out of Bounds Read Vulnerability in Industrial Products 6 days ago | cert-portal.siemens.com

attacker blue bsod crash +13

SSA-661579 V1.0: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go 6 days ago | cert-portal.siemens.com

application crash file files +7

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Computer and Forensics Investigator

@ ManTech | 221BQ - Cstmr Site,Springfield,VA

View on infosec-jobs.com

Senior Security Analyst

@ Oracle | United States

View on infosec-jobs.com

Associate Vulnerability Management Specialist

@ Diebold Nixdorf | Hyderabad, Telangana, India

View on infosec-jobs.com