all InfoSec news
SSA-918992 V1.0: Unused HTTP Service on SENTRON 3KC ATC6 Ethernet Module
March 12, 2024, midnight |
Siemens ProductCERT Security Advisories cert-portal.siemens.com
SENTRON 3KC ATC6 Expansion Module Ethernet exposes an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet, which could allow an attacker on the same Modbus network to create a denial of service condition that forces the device to reboot.
Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
attacker denial of service device ethernet expansion fix http network port reboot service siemens ssa tcp
More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Data & Security Engineer Lead
@ LiquidX | Singapore, Central Singapore, Singapore
IT and Cyber Risk Control Lead
@ GXS Bank | Singapore - OneNorth
Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F
@ Hifield | Sèvres, France
Cyber Security Analyst (Weekend 1st Shift)
@ Fortress Security Risk Management | Cleveland, OH, United States
Senior Manager, Cybersecurity
@ BlueTriton Brands | Stamford, CT, US