all InfoSec news
SSA-711309 V1.0: Denial of Service Vulnerability in the ANSI C OPC UA SDK of SIMATIC Products
Siemens ProductCERT Security Advisories cert-portal.siemens.com
The ANSI C OPC UA implementation as used in several SIMATIC products contains a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products where updates are not, or not yet available.
ansi attacker certificate denial of service implementation opc opc ua products sdk service siemens simatic simatic products ssa unauthenticated updates vulnerability