SSA-103653 — Vulnetix

SSA-103653 PUBLISHED CVSS 8.600000381469727 HIGH

A vulnerability was identified in the Automation License Manager software that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial-of-service preventing legitimate users from using the system. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.

Risk Scores

CVSS v3.1

8.600000381469727

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
	Automation License Manager V6.2
	Automation License Manager V5
	Automation License Manager V6.0

Timeline

Sep 10, 2024 CVE Published
May 13, 2025 CVE Updated

References

https://cert-portal.siemens.com/productcert/html/ssa-103653.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-103653.json advisory
https://support.industry.siemens.com/cs/ww/en/view/114358/ fix

Open in Interactive Console →