all InfoSec news
SSA-787941 V1.1 (Last Update: 2023-03-14): Denial of Service Vulnerability in RUGGEDCOM ROS V4
Siemens ProductCERT Security Advisories cert-portal.siemens.com
RUGGEDCOM ROS-based V4 devices are vulnerable to a denial of service attack (Slowloris). By sending partial HTTP requests nonstop, with none completed, the affected web servers will be waiting for the completion of each request, occupying all available HTTP connections. The web server recovers by itself once the attack ends.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
attack connections denial of service denial of service attack devices http http requests partial request requests ros ruggedcom server servers service slowloris ssa the web update vulnerability vulnerable web web server web servers