CVE-2022-28329

Name of the Vulnerable Software and Affected Versions SCALANCE W1788-1 M12 versions prior to V3.0.0 SCALANCE W1788-2 EEC M12 versions prior to V3.0.0 SCALANCE W1788-2 M12 versions prior to V3.0.0 SCALANCE W1788-2IA M12 versions prior to V3.0.0

Description A vulnerability has been identified in the RemoteCapture feature of the affected devices, which do not properly handle malformed TCP packets. This could allow an attacker to lead to a denial of service condition, affecting only the port used by the RemoteCapture feature. The issue is due to insufficient input validation.

Recommendations For SCALANCE W1788-1 M12 versions prior to V3.0.0, update to version V3.0.0 or later to resolve the issue. For SCALANCE W1788-2 EEC M12 versions prior to V3.0.0, update to version V3.0.0 or later to resolve the issue. For SCALANCE W1788-2 M12 versions prior to V3.0.0, update to version V3.0.0 or later to resolve the issue. For SCALANCE W1788-2IA M12 versions prior to V3.0.0, update to version V3.0.0 or later to resolve the issue. As a temporary workaround, consider disabling the RemoteCapture feature until a patch is available. Restrict access to the affected port to minimize the risk of exploitation.