Security News > 2020 > February > Siemens Patches Serious DoS Vulnerabilities in Several Products

Siemens Patches Serious DoS Vulnerabilities in Several Products
2020-02-12 16:31

Siemens' Patch Tuesday updates for February 2020 address serious denial-of-service vulnerabilities in several of the company's products.

Siemens SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC products are affected by a high-severity DoS flaw if encrypted communication is enabled.

In a separate advisory, Siemens said its S7-1500 CPUs are also affected by a DoS vulnerability, which can be exploited by sending specially crafted UDP packets to a device.

Siemens has informed customers that many of its products using Profinet-IO stack versions prior to 06.00 are vulnerable to DoS attacks due to "Not properly limiting internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface."

Two DoS bugs related to the handling of SNMP messages have been found to impact several Siemens industrial products.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/a33vO2kl6pk/siemens-patches-serious-dos-vulnerabilities-several-products

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Siemens 2073 38 462 996 213 1709