CISA has published an advisory on resource exhaustion and cross-site scripting vulnerabilities in Siemens SCALANCE S-600 Firewall. Multiple products and versions of these products are affected. These vulnerabilities could allow a remote attacker to conduct denial-of-service or cross-site scripting attacks. User interaction is required for a successful exploitation of the cross-site-scripting attack. For SCALANCE S602 v3.0, Siemens recommends only accessing links from trusted sources in the browser you use to access the SCALANCE S administration website. For SCALANCE S612, all versions v3.0 or higher, SCALANCE S623, all versions v3.0 or higher, and SCALANCE S627-2M, all versions v3.0 or higher, Siemens recommends migrating to SCALANCE SC-600 Industrial Security Appliances. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.