As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 6.3
- ATTENTION: Exploitable remotely
- Vendor: Siemens
- Equipment: TeleControl Server Basic
- Vulnerability: Improper Handling of Length Parameter Inconsistency
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a denial-of-service condition.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
- TeleControl Server Basic: Versions prior to V3.1.2.2
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER HANDLING OF LENGTH PARAMETER INCONSISTENCY CWE-130
The affected product does not properly validate a length field in a serialized message, which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated remote attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a partial denial-of-service condition. Success
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: