SSA-689071 (Last Update: 2018-05-09): DNSMasq Vulnerabilities in SCALANCE W1750D, SCALANCE M800 and SCALANCE S615

Published

2018-05-09 00:00:00

Summary

Multiple vulnerabilities have been identified in SCALANCE W1750D, SCALANCE M800, and SCALANCE S615 devices. The highest scored vulnerability could allow a remote attacker to crash the DNS service or execute arbitrary code. The attacker must be able to craft malicious DNS responses and inject them into the network in order to exploit the vulnerability. Siemens is working on updates for the affected devices, and recommends specific countermeasures until patches are available.