DK Standard Ethernet Controller versions < V2.8 Uncontrolled Resource Consumption Vulnerability

Summary

An attacker with network access to an affected product may cause a Denial-of-Service condition by breaking the real-time synchronization (IRT) of the affected installation. 

Credit:

The information has been provided by Vendor

The original article can be found at: https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf


Details

The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts the availability of the affected installations.

Vulnerable Systems:

DK Standard Ethernet Controller versions < V2.8 

CVE Information:

CVE-2019-10923

Disclosure Timeline:
Published Date:10/10/2019

Categories: News