all InfoSec news
SSA-787941 V1.0: Denial of Service Vulnerability in RUGGEDCOM ROS V4
Nov. 8, 2022, midnight |
Siemens ProductCERT Security Advisories cert-portal.siemens.com
RUGGEDCOM ROS-based V4 devices are vulnerable to a denial of service attack (Slowloris). By sending partial HTTP requests nonstop, with none completed, the affected web servers will be waiting for the completion of each request, occupying all available HTTP connections. The web server recovers by itself once the attack ends.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories
Jobs in InfoSec / Cybersecurity
Azure DevSecOps Cloud Engineer II
@ Prudent Technology | McLean, VA, USA
Security Engineer III - Python, AWS
@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
SOC Analyst (Threat Hunter)
@ NCS | Singapore, Singapore
Managed Services Information Security Manager
@ NTT DATA | Sydney, Australia
Senior Security Engineer (Remote)
@ Mattermost | United Kingdom
Penetration Tester (Part Time & Remote)
@ TestPros | United States - Remote