Siemens SIDOOR ATD430W
0 remedies
cpe:2.3:h:siemens:sidoor_atd430w:*:*:*:*:*:*:*, +1 more
0 remedies
Siemens Integrated ICMP Denial-of-Service Vulnerability
Vulnerability
Patched
A denial-of-service vulnerability has been identified in the integrated ICMP service of the network stack in various Siemens industrial devices. This vulnerability allows an unauthenticated remote attacker to exhaust the available memory resources of the ICMP service by sending specially crafted messages that disrupt IP fragment reassembly. While this attack temporarily disables the ICMP service, other communication services remain unaffected. Affected devices will return to normal operation once the attack subsides.
Impact
Exploitation of this vulnerability leads to a temporary denial-of-service condition for the ICMP service, causing it to become unresponsive. Other communication services on the affected devices are not impacted.
Remediation
Siemens has released updates for several affected products. For devices in the SIMATIC S7-410 V8 CPU family (excluding SIPLUS variants), users should update to version 8.3 or later. For devices in the SIMATIC S7-1200 CPU family V4 (including SIPLUS variants), the recommendation is to update to version 4.4 or later. For other affected products, where no fix is currently available, Siemens advises implementing packet filtering rules at network perimeter devices to block ICMP messages with large payloads, if feasible.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
6.8impact
0.6exploitability
7.0remediation
0.0relevance
0.0threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.