Multiple Denial-of-Service Vulnerabilities in SINEMA Remote Connect Server
Plan Patch7.5SSA-292794Apr 13, 2021
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
Two Denial-of-Service vulnerabilities in the underlying third-party XML parser of SINEMA Remote Connect Server (versions prior to 3.0). These vulnerabilities can be triggered by sending specially crafted XML data to the server, causing resource exhaustion or infinite loop conditions that result in service unavailability.
What this means
What could happen
An attacker could cause SINEMA Remote Connect Server to crash or become unresponsive, disrupting remote access to critical control systems and potentially affecting monitoring and response capabilities at your facility.
Who's at risk
Facility operators and automation engineers who rely on SINEMA Remote Connect Server for remote access to PLCs, HMIs, and other Siemens control systems at water treatment plants, electrical substations, or other critical infrastructure.
How it could be exploited
An attacker on the network could send specially crafted XML data to SINEMA Remote Connect Server, exploiting vulnerabilities in the XML parser to trigger a resource exhaustion or infinite loop condition, causing the service to hang or crash.
Prerequisites
- Network access to SINEMA Remote Connect Server
- Ability to send HTTP/XML requests to the server (no authentication required)
remotely exploitableno authentication requiredlow complexityaffects availability of remote access capability
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
ProductAffected VersionsFix Status
SINEMA Remote Connect Server< V3.03.0
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate SINEMA Remote Connect Server to version 3.0 or later
CVEs (2)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/bb462960-02f8-4a3b-9d6e-8c674c9c797f