Description
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
E
Physical
RL
O
RC
Changed
Affected products
- Siemens / SIMATIC MV540 HAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV540 SAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV550 HAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV550 SAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV560 UAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV560 XAll versions < V3.3.4 – All versions < V3.3.4