SSA-508982 (Last Update: 2020-03-10): Denial-of-Service Vulnerability in SIMATIC S7-300 CPUs and SINUMERIK Controller over Profinet


2020-03-10 00:00:00 UTC


The latest firmware update for the S7-300 CPUs fixes a vulnerability that could allow an unauthenticated attacker with network access to cause a denial-of-service condition. SINUMERIK 840D sl Controller, which contains a S7-300 CPU, is also affected.

Siemens is preparing further updates and recommends specific countermeasures until patches are available.