Race condition

2022-04-1209:15:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.0%

JSON

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle resources of ARP requests. This could allow an attacker to cause a race condition that leads to a crash of the entire device.

CPENameOperatorVersion
scalance_w1788-1_m12_firmwarelt3.0.0
scalance_w1788-2_eec_m12_firmwarelt3.0.0
scalance_w1788-2_m12_firmwarelt3.0.0
scalance_w1788-2ia_m12_firmwarelt3.0.0

Name	Operator	Version
scalance_w1788-1_m12_firmware	lt	3.0.0
scalance_w1788-2_eec_m12_firmware	lt	3.0.0
scalance_w1788-2_m12_firmware	lt	3.0.0
scalance_w1788-2ia_m12_firmware	lt	3.0.0

References

cert-portal.siemens.com/productcert/pdf/ssa-392912.pdf