CISA has published an advisory on improper restriction of operations within the bounds of a memory buffer and resource management errors vulnerabilities in Siemens RUGGEDCOM ROS. All versions of multiple products are affected. Successful exploitation of these vulnerabilities could allow a denial-of-service condition or arbitrary code execution. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!