SSA-181018 (Last Update: 2020-01-14): Heap Overflow Vulnerability in SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C
Published
2020-01-14 00:00:00 UTC
Summary
SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C are affected by a vulnerability that could allow an unprivileged attacker located in the same local network segment (OSI Layer 2) to gain system privileges by sending a specially crafted DHCP response to a client's DHCP request.
Siemens has released updates for several affected products and recommends that customers update to the new version. Siemens is preparing further updates and recommends specific countermeasures until patches are available.