CVE-2019-13926

UNRATEDDenial of service

Description

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server. A cold reboot is required to restore the functionality of the device.

Affected products

Siemens / SCALANCE S602All versions >= V3.0 and < V4.1 – All versions >= V3.0 and < V4.1
Siemens / SCALANCE S612All versions >= V3.0 and < V4.1 – All versions >= V3.0 and < V4.1
Siemens / SCALANCE S623All versions >= V3.0 and < V4.1 – All versions >= V3.0 and < V4.1
Siemens / SCALANCE S627-2MAll versions >= V3.0 and < V4.1 – All versions >= V3.0 and < V4.1

References

MISChttps://cert-portal.siemens.com/productcert/pdf/ssa-591405.pdf
VENDOR_ADVISORYhttps://www.us-cert.gov/ics/advisories/icsa-20-042-10

Updated 6m ago · 2 sources