dnsmasq by Simon Kelley (Update A)

CVSS 4.0 MEDIUM

CVEs (3)

CVE-2020-25684 CVE-2020-25685 CVE-2020-25686

Update to V6.4 or later version
Update to V2.1.3 or later version
Currently no remediation is available
SCALANCE M-800: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox „Enable DNS Proxy“), and configure the connected devices in the internal network to use a different DNS server. Note that the DNS proxy is enabled by default.
RUGGEDCOM RM1224: Same as for SCALANCE M-800. Note that the DNS proxy is enabled by default.
SCALANCE S615: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.
SCALANCE SC-600: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.
SCALANCE W1750D: If “OpenDNS”, “Captive Portal” or “URL redirection” functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP

Siemens

Siemens · RUGGEDCOM RM1224 <V6.4

Siemens · SCALANCE M-800 <V6.4

Siemens · SCALANCE S615 <V6.4

Siemens · SCALANCE SC-600 <V2.1.3

Siemens · SCALANCE W1750D vers:all/*

Multiple

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.