Rewterz

Rewterz Threat Advisory – CVE-2019-6568 – Siemens SINAMICS Denial of Service Vulnerability

August 16, 2019
Rewterz

Rewterz Threat Advisory – Multiple HTTP/2 Implementations Vulnerabilities

August 16, 2019

Rewterz Threat Advisory – CVE-2019-10942 – Siemens SCALANCE X Switches Denial of Service Vulnerability

Severity

High

Analysis Summary

An attacker may send large message packages repeatedly to the telnet service, which may allow a denial-of-service condition.

Impact

Denial of Service

Affected Vendors

Siemens

Affected Products

  • SCALANCE X-200: All versions
  • SCALANCE X-200IRT: All versions
  • SCALANCE X-200RNA: All versions

Remediation

Siemens has identified the following specific workarounds and mitigation users can apply to reduce the risk:

  • Disable telnet service on affected devices. Users should use SSH instead.
  • Restrict network access to Port 23/TCP of the device.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.