Siemens RUGGEDCOM ROS (ICSA-19-344-03)

CISA has published an advisory on improper restriction of operations within the bounds of a memory buffer and resource management errors vulnerabilities in Siemens RUGGEDCOM ROS. All versions of multiple products are affected. Successful exploitation of these vulnerabilities could allow a denial-of-service condition or arbitrary code execution. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.