Email Disruption Vulnerability in Siemens Ruggedcom and Scalance Products
CVE-2023-44322

5.9MEDIUM

Key Information:

Vendor
Siemens
Status
Ruggedcom Rm1224 Lte(4g) Eu
Ruggedcom Rm1224 Lte(4g) Nam
Scalance M804pb
Scalance M812-1 Adsl-router
Vendor
CVE Published:
14 November 2023

Summary

A vulnerability found in Siemens RUGGEDCOM and SCALANCE products allows attackers with network access to disrupt email notifications. When the affected devices receive an invalid response from the SMTP server, an error is triggered which disrupts email communication. This failure can result in users not being notified of critical events, posing a risk to operational security.

Affected Version(s)

RUGGEDCOM RM1224 LTE(4G) EU 0

RUGGEDCOM RM1224 LTE(4G) NAM 0

SCALANCE M804PB 0

References

https://cert-portal.siemens.com/productcert/pdf/ssa-69938...
https://cert-portal.siemens.com/productcert/pdf/ssa-18070...
https://cert-portal.siemens.com/productcert/html/ssa-6993...

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.