CVE-2019-13926 — Uncontrolled Resource Consumption in Siemens Scalance S602 Firmware

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 57.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Scalance S602 Firmware Siemens Scalance S612 Firmware Siemens Scalance S623 Firmware +5 more

Timeline

PublishedFeb 11

Latest updateMay 24

Description

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and = V3.0 and = V3.0 and = V3.0 and < V4.1). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server. A cold reboot is required to restore the functionality of the device.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages8 packages

▶NVDsiemens/scalance_s602_firmware3.0 — 4.1

▶CVEListV5siemens/scalance_s602All versions >= V3.0 and < V4.1

▶NVDsiemens/scalance_s612_firmware3.0 — 4.1

▶NVDsiemens/scalance_s623_firmware3.0 — 4.1

▶NVDsiemens/scalance_s627-2m_firmware3.0 — 4.1

🔴Vulnerability Details

GHSA

GHSA-vwh5-q72r-gr35: A vulnerability has been identified in SCALANCE S602 (All versions >= V3↗2022-05-24

▶

CVEList

CVE-2019-13926: A vulnerability has been identified in SCALANCE S602 (All versions >= V3↗2020-02-11

▶