Siemens BACnet ATEC Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Siemens BACnet ATEC devices 550-440, 550-441, 550-445, and 550-446, all versions. The vulnerability arises from the devices' improper handling of certain incoming BACnet MSTP messages. This flaw allows an attacker on the same BACnet network to send a specially crafted MSTP message that disrupts the normal operation of the targeted device, creating a denial-of-service condition. To restore functionality, a power cycle is required.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition on the affected device, requiring a power cycle to restore normal operation.

Remediation

Currently, no fix is planned for this vulnerability. As a general security measure, it is recommended to protect network access to affected products with appropriate mechanisms and to follow recommended security practices to maintain a protected IT environment.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.7
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.