Siemens: >> Sinamics G150 Firmware Security Vulnerabilities
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-10-10
Affected devices improperly handle large amounts of specially crafted UDP packets.
This could allow an unauthenticated remote attacker to trigger a denial of service condition.
CVSS Score
7.5
EPSS Score
0.02
Published
2019-10-10
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-04-17
Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.
CVSS Score
7.5
EPSS Score
0.039
Published
2017-12-26
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-05-11
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
CVSS Score
6.5
EPSS Score
0.023
Published
2017-05-11