CVE-2021-25659: 
Siemens Automation License Manager vulnerability analysis and mitigation

A denial-of-service vulnerability (CVE-2021-25659) was discovered in Siemens Automation License Manager. The vulnerability affects all versions of Automation License Manager 5 and versions prior to v6.0 SP9 Update 2 of Automation License Manager 6. When exploited, specially crafted packets sent to Port 4410/TCP could lead to extensive memory consumption and prevent legitimate users from accessing the system (CISA Advisory).

The vulnerability is classified as an Uncontrolled Resource Consumption issue (CWE-400). It has been assigned a CVSS v3 base score of 5.9, with the vector string AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating network accessibility with high attack complexity, no privileges required, no user interaction needed, and potential for high availability impact (CISA Advisory).

Successful exploitation of this vulnerability could cause a denial-of-service condition, preventing legitimate users from accessing the system. The impact is primarily focused on system availability, with no direct effect on confidentiality or integrity (CISA Advisory).

Siemens has released version 6.0 SP9 Update 2 to address this vulnerability in Automation License Manager 6. For systems that cannot be immediately updated, Siemens recommends disabling 'Allow Remote Connections' in the Automation License Manager settings menu. If remote connections are required, access to Port 4410/TCP should be limited to trusted systems only. Additionally, Siemens recommends configuring the environment according to their operational guidelines for industrial security (CISA Advisory).