SIEMENS-SSA-865156 · Published 2019-05-14 · View on Siemens ProductCERT ↗

SSA-865156 (Last Update: 2019-05-14): Denial-of-Service Vulnerability in SINAMICS PERFECT HARMONY GH180 Fieldbus Network

CVSS N/A MEDIUM

Risk Summary

<p>SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II control contains a denial-of-service vulnerability within the Parameter Read/Write over Fieldbus network functionality. An attacker with access to the field bus network could cause a Denial-of-Service condition by sending specially crafted packets. By default, Parameter Read/Write over Fieldbus network is disabled, and this functionality must be specifically enabled to expose this vulnerability.</p>

Remediations

Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-865156 (Last Update: 2019-05-14): Denial-of-Service Vulnerability in SINAMICS PERFECT HARMONY GH180 Fieldbus Network See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more