SSA-689071 (Last Update: 2020-10-13): DNSMasq Vulnerabilities in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224

Published

2020-10-13 00:00:00 UTC

Summary

Multiple vulnerabilities have been identified in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224 devices. The highest scored vulnerability could allow a remote attacker to crash the DNS service or execute arbitrary code. The attacker must be able to craft malicious DNS responses and inject them into the network in order to exploit the vulnerability.

Siemens has released updates for the affected devices, recommends to update, and provides specific countermeasures for unpatched devices.

Source

https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf