Siemens SIMATIC S7-1200 PLC UDP Denial of Service (CVE-2019-10936)
Medium Nessus Plugin ID 131775
SynopsisThe remote web server running on the S7-1200 PLC is affected by a denial of service vulnerability.
DescriptionThe remote host is a Siemens SIMATIC S7-1200 device. It is, therefore, affected by a denial of service vulnerability.
A denial of service (DoS) vulnerability exists due to improper handling of UDP packets. An unauthenticated, remote attacker can exploit this issue, by sending a large amount of specially crafted UDP packets, to cause the device to stop responding.
Note that Nessus has not attempted to exploit this issue but has instead relied only on the device's self-reported version number.
SolutionNo known fix. Contact Siemens for more information.