April 14, 2020

CISA has updated this advisory with additional details on the affected products. Read the advisory at CISA.

February 13, 2020

CISA has published an advisory on an uncontrolled resource consumption vulnerability in Siemens SIMATIC S7. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow remote attackers to perform a denial-of-service attack by sending a specially crafted HTTP request to the web server of an affected device. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.