PT-2023-4033 · Siemens · Simatic Mv550 H+2

Published: 2023-06-20 · Updated: 2023-07-19 · CVE-2023-35920

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

SIMATIC MV540 H versions prior to V3.3.4
SIMATIC MV540 S versions prior to V3.3.4
SIMATIC MV550 H versions prior to V3.3.4
SIMATIC MV550 S versions prior to V3.3.4
SIMATIC MV560 U versions prior to V3.3.4
SIMATIC MV560 X versions prior to V3.3.4

Description

A vulnerability has been identified in the SIMATIC MV540, MV550, and MV560 devices, related to uncontrolled resource consumption when processing IP packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by sending specially crafted IP packets to the devices. The affected devices must be restarted manually.

Recommendations

For SIMATIC MV540 H versions prior to V3.3.4, update to version V3.3.4 or later.
For SIMATIC MV540 S versions prior to V3.3.4, update to version V3.3.4 or later.
For SIMATIC MV550 H versions prior to V3.3.4, update to version V3.3.4 or later.
For SIMATIC MV550 S versions prior to V3.3.4, update to version V3.3.4 or later.
For SIMATIC MV560 U versions prior to V3.3.4, update to version V3.3.4 or later.
For SIMATIC MV560 X versions prior to V3.3.4, update to version V3.3.4 or later.

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2023-04331
CVE-2023-35920

Affected Products

Simatic Mv540 S
Simatic Mv550 H
Simatic Mv560 X