SSA-689071 (Last Update: 2020-10-13): DNSMasq Vulnerabilities in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224
Published
2020-10-13 00:00:00 UTC
Summary
Multiple vulnerabilities have been identified in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224 devices. The highest scored vulnerability could allow a remote attacker to crash the DNS service or execute arbitrary code. The attacker must be able to craft malicious DNS responses and inject them into the network in order to exploit the vulnerability.
Siemens has released updates for the affected devices, recommends to update, and provides specific countermeasures for unpatched devices.