Description
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). The result synchronization server of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of all socket-based communication of the affected products if the result server is enabled.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
E
Physical
RL
O
RC
Changed
Affected products
- Siemens / SIMATIC MV540 HAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV540 SAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV550 HAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV550 SAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV560 UAll versions < V3.3.4 – All versions < V3.3.4
- Siemens / SIMATIC MV560 XAll versions < V3.3.4 – All versions < V3.3.4