all InfoSec news
SSA-712929 V1.0: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products
Siemens ProductCERT Security Advisories cert-portal.siemens.com
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL.
Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products where updates are not, or not yet available.
[0] https://www.openssl.org/news/secadv/20220315.txt
certificates curve cve cve-2022-0778 denial of service elliptic industrial openssl products service siemens ssa update updates version vulnerability vulnerable