Denial of Service Vulnerability in SINEMA Remote Connect Server by Siemens
CVE-2024-39876

5.3MEDIUM

Key Information:

Vendor: Siemens
Status: Sinema Remote Connect Server
Vendor: CVE Published:; 9 July 2024

Summary

A vulnerability exists in SINEMA Remote Connect Server versions prior to V3.2 SP1 due to improper log rotation handling. This flaw could be exploited by unauthenticated remote attackers to deplete system resources, leading to a denial of service condition that disrupts the availability of the device. It is crucial for affected users to apply necessary updates to mitigate potential risks.

Affected Version(s)

SINEMA Remote Connect Server 0

References

https://cert-portal.siemens.com/productcert/html/ssa-3815...

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jul 9, 2024