Rewterz Threat Advisory – CVE-2019-6568 – Siemens SINAMICS Denial of Service Vulnerability

Rewterz Threat Advisory – Siemens SCALANCE Products Multiple Vulnerabilities

August 16, 2019

Rewterz Threat Advisory – CVE-2019-10942 – Siemens SCALANCE X Switches Denial of Service Vulnerability

August 16, 2019

Rewterz Threat Advisory – CVE-2019-6568 – Siemens SINAMICS Denial of Service Vulnerability

Severity

Medium

Analysis Summary

The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation, leading to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction.

Impact

Uncontrolled Resource Consumption
Denial of service

Affected Vendors

Siemens

Affected Products

SINAMICS GH150 v4.7
SINAMICS GH150 v4.8
SINAMICS GL150 v4.7
SINAMICS GL150 v4.8
SINAMICS GM150 v4.7
SINAMICS GM150 v4.8
SINAMICS SL150 v4.7
SINAMICS SL150 v4.8
SINAMICS SM120 v4.7
SINAMICS SM120 v4.8
SINAMICS SM150 v4.8

Remediation

Siemens recommends users update to v4.8 SP2 HF9.

Rewterz Threat Advisory – Siemens SCALANCE Products Multiple Vulnerabilities

Rewterz Threat Advisory – CVE-2019-10942 – Siemens SCALANCE X Switches Denial of Service Vulnerability

Rewterz Threat Advisory – CVE-2019-6568 – Siemens SINAMICS Denial of Service Vulnerability

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan