Siemens: >> Simatic Cfu Pa Firmware Security Vulnerabilities
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined.
This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-04-12
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
CVSS Score
7.5
EPSS Score
0.009
Published
2021-07-13
Affected devices improperly handle large amounts of specially crafted UDP packets.
This could allow an unauthenticated remote attacker to trigger a denial of service condition.
CVSS Score
7.5
EPSS Score
0.02
Published
2019-10-10