SSA-158827 — Vulnetix

SSA-158827 PUBLISHED CVSS 5.900000095367432 MEDIUM

A vulnerability was identified in the Automation License Manager software that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial-of-service preventing legitimate users from using the system. Siemens has released an update for the Automation License Manager 6 and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available.

Risk Scores

CVSS v3.1

5.900000095367432

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	Automation License Manager 5
	Automation License Manager 6

Timeline

CVE Published

References

https://cert-portal.siemens.com/productcert/pdf/ssa-158827.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-158827.txt advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-158827.json advisory
https://support.industry.siemens.com/cs/ww/en/view/114358/ fix

Open in Interactive Console →