CVE-2019-13926

Name of the Vulnerable Software and Affected Versions SCALANCE S602 versions 3.0 through 4.1 SCALANCE S612 versions 3.0 through 4.1 SCALANCE S623 versions 3.0 through 4.1 SCALANCE S627-2M versions 3.0 through 4.1

Description A Denial-of-Service condition can be caused by specially crafted packets sent to port 443/tcp of affected devices, resulting in the web server being unavailable. This issue is related to an uncontrolled resource consumption. A cold reboot is required to restore the device's functionality.

Recommendations For SCALANCE S602 versions 3.0 through 4.1, restrict access to port 443/tcp to minimize the risk of exploitation. For SCALANCE S612 versions 3.0 through 4.1, restrict access to port 443/tcp to minimize the risk of exploitation. For SCALANCE S623 versions 3.0 through 4.1, restrict access to port 443/tcp to minimize the risk of exploitation. For SCALANCE S627-2M versions 3.0 through 4.1, restrict access to port 443/tcp to minimize the risk of exploitation. As a temporary workaround, consider restricting the use of the web server until a patch is available.