CVE-2021-25659

Name of the Vulnerable Software and Affected Versions Automation License Manager 5 (All versions) Automation License Manager 6 versions prior to V6.0 SP9 Update 2

Description A vulnerability has been identified that could lead to a denial-of-service, preventing legitimate users from using the system. This occurs when specially crafted packets are sent to port 4410/tcp of an affected system, causing extensive memory consumption.

Recommendations For Automation License Manager 5, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Automation License Manager 6 versions prior to V6.0 SP9 Update 2, update to V6.0 SP9 Update 2 or later to resolve the issue. As a temporary workaround, consider restricting access to port 4410/tcp to minimize the risk of exploitation.