""ET EXPLOIT Win32/Industroyer DDOS Siemens SIPROTEC (CVE-2015-5374)""
SID: 2024376
Revision: 1
Class Type: attempted-dos
Metadata: attack_target Client_and_Server, created_at 2017_06_12, cve CVE_2015_5374, deployment Perimeter, deployment Internal, performance_impact Low, signature_severity Major, updated_at 2017_06_12
Reference:
Protocol: udp
Source Network: any
Source Port: any
Destination Network: $HOME_NET
Destination Port: 50000
Flow:
Contents:
- Value: "|11 49 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 9E|"
Within:
PCRE:
Special Options: