CVE-2021-25659

Summary

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). Sending specially crafted packets to port 4410/tcp of an affected system could lead to extensive memory being consumed and as such could cause a denial-of-service preventing legitimate users from using the system.

Affected Software

VendorProductVersion RangeStatus
SiemensAutomation License Manager 5All versionsaffected
SiemensAutomation License Manager 6All versions < V6.0 SP9 Update 2affected

Weaknesses

  • CWE-400: CWE-400: Uncontrolled Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

References