Resource exhaustion in Siemens Desigo Dxr2

CVE-2022-24040

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.004 (59.3th percentile) — read the EPSS interpretation.

Affected products

Siemens Desigo Dxr2 — versions All versions < V01.21.142.5-22
Siemens Desigo Pxc3 — versions All versions < V01.21.142.4-18
Siemens Desigo Pxc4 — versions All versions < V02.20.142.10-10884
Siemens Desigo Pxc5 — versions All versions < V02.20.142.10-10884

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf (x_refsource_MISC)