First published: Tue Sep 14 2021(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software allows sending send-to-sleep notifications to the managed devices. An unauthenticated attacker in the same network of the affected system can abuse these notifications to cause a Denial-of-Service condition in the managed devices.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SINEMA Remote Connect Server | <3.0 | |
Siemens SINEMA Remote Connect Server | =3.0 | |
Siemens SINEMA Remote Connect Server | =3.0-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2021-37183.
The affected software is Siemens SINEMA Remote Connect Server, all versions less than V3.0 SP2.
The severity of CVE-2021-37183 is medium with a CVSS score of 6.5.
An unauthenticated attacker in the same network of the affected system can abuse send-to-sleep notifications to cause a Denial of Service (DoS) condition.
Yes, Siemens has released an update to address this vulnerability. Please refer to the provided reference for more details.