Rewterz Threat Advisory – CVE-2019-10942 – Siemens SCALANCE X Switches Denial of Service Vulnerability - Rewterz

Rewterz Threat Advisory – CVE-2019-6568 – Siemens SINAMICS Denial of Service Vulnerability

August 16, 2019

Rewterz Threat Advisory – Multiple HTTP/2 Implementations Vulnerabilities

August 16, 2019

Rewterz Threat Advisory – CVE-2019-10942 – Siemens SCALANCE X Switches Denial of Service Vulnerability

Severity

High

Analysis Summary

An attacker may send large message packages repeatedly to the telnet service, which may allow a denial-of-service condition.

Impact

Denial of Service

Affected Vendors

Siemens

Affected Products

SCALANCE X-200: All versions
SCALANCE X-200IRT: All versions
SCALANCE X-200RNA: All versions

Remediation

Siemens has identified the following specific workarounds and mitigation users can apply to reduce the risk:

Disable telnet service on affected devices. Users should use SSH instead.
Restrict network access to Port 23/TCP of the device.