All the vulnerabilites related to Siemens - SIMATIC CP 1542SP-1
cve-2022-43768
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
Impacted products
Vendor Product Version
Siemens SIMATIC CP 1243-1 Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-7 LTE EU Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-7 LTE US Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-8 IRC Version: 0   < V3.4.29
Siemens SIMATIC CP 1542SP-1 Version: 0   < V2.3
Siemens SIMATIC CP 1542SP-1 IRC Version: 0   < V2.3
Siemens SIMATIC CP 1543SP-1 Version: 0   < V2.3
Siemens SIMATIC CP 443-1 Version: 0   < V3.3
Siemens SIMATIC CP 443-1 Version: 0   < V3.3
Siemens SIMATIC CP 443-1 Advanced Version: 0   < V3.3
Siemens SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL Version: 0   < V2.3
Siemens SIPLUS NET CP 1242-7 V2 Version: 0   < V3.4.29
Siemens SIPLUS NET CP 443-1 Version: 0   < V3.3
Siemens SIPLUS NET CP 443-1 Advanced Version: 0   < V3.3
Siemens SIPLUS S7-1200 CP 1243-1 Version: 0   < V3.4.29
Siemens SIPLUS S7-1200 CP 1243-1 RAIL Version: 0   < V3.4.29
Siemens SIPLUS TIM 1531 IRC Version: 0   < V2.3.6
Siemens TIM 1531 IRC Version: 0   < V2.3.6
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:40:06.422Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE US",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS TIM 1531 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TIM 1531 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:33:34.861Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43768",
    "datePublished": "2023-04-11T09:02:51.623Z",
    "dateReserved": "2022-10-26T11:27:16.347Z",
    "dateUpdated": "2024-09-10T09:33:34.861Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-43767
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
Impacted products
Vendor Product Version
Siemens SIMATIC CP 1243-1 Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-7 LTE EU Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-7 LTE US Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-8 IRC Version: 0   < V3.4.29
Siemens SIMATIC CP 1542SP-1 Version: 0   < V2.3
Siemens SIMATIC CP 1542SP-1 IRC Version: 0   < V2.3
Siemens SIMATIC CP 1543SP-1 Version: 0   < V2.3
Siemens SIMATIC CP 443-1 Version: 0   < V3.3
Siemens SIMATIC CP 443-1 Version: 0   < V3.3
Siemens SIMATIC CP 443-1 Advanced Version: 0   < V3.3
Siemens SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL Version: 0   < V2.3
Siemens SIPLUS NET CP 1242-7 V2 Version: 0   < V3.4.29
Siemens SIPLUS NET CP 443-1 Version: 0   < V3.3
Siemens SIPLUS NET CP 443-1 Advanced Version: 0   < V3.3
Siemens SIPLUS S7-1200 CP 1243-1 Version: 0   < V3.4.29
Siemens SIPLUS S7-1200 CP 1243-1 RAIL Version: 0   < V3.4.29
Siemens SIPLUS TIM 1531 IRC Version: 0   < V2.3.6
Siemens TIM 1531 IRC Version: 0   < V2.3.6
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1542sp-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1542sp-1_irc",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1543sp-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1543sp-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_443-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_443-1_advanced",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_et_200sp_cp_1542sp-1_irc_tx_rail",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_et_200sp_cp_1543sp-1_isec",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_et_200sp_cp_1543sp-1_isec_tx_rail",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_net_cp_1242-7_v2",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_net_cp_443-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_net_cp_443-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_net_cp_443-1_advanced",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_s7-1200_cp_1243-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1242-7_v2",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-1_dnp3",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-1_iec",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-7_lte_eu",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-7_lte_us",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-8_irc",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_s7-1200_cp_1243-1_rail",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_tim_1531_irc",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.3.6",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tim_1531_irc",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.3.6",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43767",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-12T19:11:06.737320Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T20:11:32.129Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:40:06.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE US",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS TIM 1531 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TIM 1531 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-833",
              "description": "CWE-833: Deadlock",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:33:33.351Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43767",
    "datePublished": "2023-04-11T09:02:50.497Z",
    "dateReserved": "2022-10-26T11:27:16.347Z",
    "dateUpdated": "2024-09-10T09:33:33.351Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-43716
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.
Impacted products
Vendor Product Version
Siemens SIMATIC CP 1243-1 Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-7 LTE EU Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-7 LTE US Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-8 IRC Version: 0   < V3.4.29
Siemens SIMATIC CP 1542SP-1 Version: 0   < V2.3
Siemens SIMATIC CP 1542SP-1 IRC Version: 0   < V2.3
Siemens SIMATIC CP 1543SP-1 Version: 0   < V2.3
Siemens SIMATIC CP 443-1 Version: 0   < V3.3
Siemens SIMATIC CP 443-1 Version: 0   < V3.3
Siemens SIMATIC CP 443-1 Advanced Version: 0   < V3.3
Siemens SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL Version: 0   < V2.3
Siemens SIPLUS NET CP 1242-7 V2 Version: 0   < V3.4.29
Siemens SIPLUS NET CP 443-1 Version: 0   < V3.3
Siemens SIPLUS NET CP 443-1 Advanced Version: 0   < V3.3
Siemens SIPLUS S7-1200 CP 1243-1 Version: 0   < V3.4.29
Siemens SIPLUS S7-1200 CP 1243-1 RAIL Version: 0   < V3.4.29
Siemens SIPLUS TIM 1531 IRC Version: 0   < V2.3.6
Siemens TIM 1531 IRC Version: 0   < V2.3.6
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_net_cp_443-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_net_cp_443-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v3.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_443-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v3.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_443-1_advanced",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v3.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1242-7_gprs_v2",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-1_dnp3",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-1_iec",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-7_lte_eu",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-7_lte_us",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1243-8:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1243-8",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1542sp-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1542sp-1_irc",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:simatic_cp_1543sp-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simatic_cp_1543sp-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_et_200sp_cp_1542sp-1_irc_tx_rail",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_et_200sp_cp_1543sp-1_isec",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_et_200sp_cp_1543sp-1_isec_tx_rail",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_net_cp_443-1_advanced",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v3.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_net_cp_1242-7_v2",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_s7-1200_cp_1243-1",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_s7-1200_cp_1243-1_rail",
            "vendor": "siemens",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_tim_1531_irc",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v2.3.6",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "siplus_tim_1531_irc",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v2.3.6",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43716",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T14:12:55.560896Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-09T14:35:43.227Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:40:06.265Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE US",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS TIM 1531 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TIM 1531 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:33:31.854Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43716",
    "datePublished": "2023-04-11T09:02:49.383Z",
    "dateReserved": "2022-10-24T05:19:12.272Z",
    "dateUpdated": "2024-09-10T09:33:31.854Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-50763
Vulnerability from cvelistv5
Published
2024-06-11 11:15
Modified
2024-08-02 22:16
Summary
A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of affected products, if configured to allow the import of PKCS12 containers, could end up in an infinite loop when processing incomplete certificate chains. This could allow an authenticated remote attacker to create a denial of service condition by importing specially crafted PKCS12 containers.
Impacted products
Vendor Product Version
Siemens SIMATIC CP 1542SP-1 IRC Version: 0   < V2.3
Siemens SIMATIC CP 1543SP-1 Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL Version: 0   < V2.3
Siemens SIPLUS TIM 1531 IRC Version: 0   < V2.4.8
Siemens TIM 1531 IRC Version: 0   < V2.4.8
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-50763",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T13:16:37.494371Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T13:16:47.844Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:16:47.270Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS TIM 1531 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.4.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TIM 1531 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.4.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). The web server of affected products, if configured to allow the import of PKCS12 containers, could end up in an infinite loop when processing incomplete certificate chains.\r\n\r\nThis could allow an authenticated remote attacker to create a denial of service condition by importing specially crafted PKCS12 containers."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-09T12:04:34.906Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-50763",
    "datePublished": "2024-06-11T11:15:18.921Z",
    "dateReserved": "2023-12-13T11:47:39.148Z",
    "dateUpdated": "2024-08-02T22:16:47.270Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-38380
Vulnerability from cvelistv5
Published
2023-12-12 11:26
Modified
2024-08-02 17:39
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.
Impacted products
Vendor Product Version
Siemens SIMATIC CP 1243-1 (incl. SIPLUS variants) Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) Version: 0   < *
Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-7 LTE Version: 0   < V3.4.29
Siemens SIMATIC CP 1243-8 IRC Version: 0   < V3.4.29
Siemens SIMATIC CP 1542SP-1 Version: 0   < V2.3
Siemens SIMATIC CP 1542SP-1 IRC Version: 0   < V2.3
Siemens SIMATIC CP 1543-1 Version: 0   < V3.0.37
Siemens SIMATIC CP 1543SP-1 Version: 0   < V2.3
Siemens SINAMICS S210 (6SL5...) Version: V6.1   < V6.1 HF2
Siemens SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC Version: 0   < V2.3
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL Version: 0   < V2.3
Siemens SIPLUS NET CP 1543-1 Version: 0   < V3.0.37
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:39:13.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.4.29",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.37",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S210 (6SL5...)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.1 HF2",
              "status": "affected",
              "version": "V6.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 1543-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.37",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions \u003c V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SINAMICS S210 (6SL5...) (All versions \u003e= V6.1 \u003c V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions \u003c V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.\r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-11T14:19:50.234Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-38380",
    "datePublished": "2023-12-12T11:26:36.173Z",
    "dateReserved": "2023-07-17T13:06:36.758Z",
    "dateUpdated": "2024-08-02T17:39:13.213Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

var-202110-1670
Vulnerability from variot

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility. strongSwan Exists in an integer overflow vulnerability.Denial of service (DoS) It may be put into a state. ========================================================================== Ubuntu Security Notice USN-5111-1 October 19, 2021

strongswan vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 21.10
  • Ubuntu 21.04
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in strongSwan.

Software Description: - strongswan: IPsec VPN solution

Details:

It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. (CVE-2021-41990)

It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-41991)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.10: libstrongswan 5.9.1-1ubuntu3.1 strongswan 5.9.1-1ubuntu3.1

Ubuntu 21.04: libstrongswan 5.9.1-1ubuntu1.2 strongswan 5.9.1-1ubuntu1.2

Ubuntu 20.04 LTS: libstrongswan 5.8.2-1ubuntu3.3 strongswan 5.8.2-1ubuntu3.3

Ubuntu 18.04 LTS: libstrongswan 5.6.2-1ubuntu2.7 strongswan 5.6.2-1ubuntu2.7

In general, a standard system update will make all the necessary changes.

References: https://ubuntu.com/security/notices/USN-5111-1 CVE-2021-41990, CVE-2021-41991

Package Information: https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu3.1 https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu1.2 https://launchpad.net/ubuntu/+source/strongswan/5.8.2-1ubuntu3.3 https://launchpad.net/ubuntu/+source/strongswan/5.6.2-1ubuntu2.7 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512


Debian Security Advisory DSA-4989-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez October 18, 2021 https://www.debian.org/security/faq


Package : strongswan CVE ID : CVE-2021-41990 CVE-2021-41991

Researchers at the United States of America National Security Agency (NSA) identified two denial of services vulnerability in strongSwan, an IKE/IPsec suite.

CVE-2021-41990

RSASSA-PSS signatures whose parameters define a very high salt length can
trigger an integer overflow that can lead to a segmentation fault. 
Generating a signature that bypasses the padding check to trigger the crash
requires access to the private key that signed the certificate.  However,
the certificate does not have to be trusted.  Because the gmp and the
openssl plugins both check if a parsed certificate is self-signed (and the
signature is valid), this can e.g.  be triggered by an unrelated
self-signed CA certificate sent by an initiator. Depending on the generated random value, this could
lead to an integer overflow that results in a double-dereference and a call
using out-of-bounds memory that most likely leads to a segmentation fault. 
Remote code execution can't be ruled out completely, but attackers have no
control over the dereferenced memory, so it seems unlikely at this point.

For the oldstable distribution (buster), these problems have been fixed in version 5.7.2-1+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in version 5.9.1-1+deb11u1.

We recommend that you upgrade your strongswan packages.

For the detailed security status of strongswan please refer to its security tracker page at: https://security-tracker.debian.org/tracker/strongswan

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmFtyAUACgkQ3rYcyPpX RFudiwf+NNcRRRJychLI5ycMKVxkr2tEAJDeVZjv966YBM1tXnCtROydXf5Zip2M dn/EYO71uuT5FKhs8tJyx5iv2bFcrvyqQQo6DFQvXZHR0+9U+MHcR9qB7JJDM4nK +JXOEmAv3akCFhiP6jMx5B6jRWR1e4MOwxmgrgGu/nwy2cYBQPI43qPTrXi3Fcnv eSgeyLqyZNLmaGmj8jQfTnc8bdVF5xAs6mHhVqNJxQCdouG9b4/S6AxJsl3IMxyF WZhtCNUvhHH8wz0lZVElR3Qs6fUu0phKdlT9kBv/o6fP3ceiYOCEh8SqBgYU3hQL xyB0uP4EcSR70TvKZMB2jV/tGG1A8w== =/Xvi -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202405-08


                                       https://security.gentoo.org/

Severity: Normal Title: strongSwan: Multiple Vulnerabilities Date: May 04, 2024 Bugs: #818841, #832460, #878887, #899964 ID: 202405-08


Synopsis

Multiple vulnerabilities have been discovered in strongSwan, the worst of which could possibly lead to remote code execution.

Background

strongSwan is an IPSec implementation for Linux.

Affected packages

Package Vulnerable Unaffected


net-vpn/strongswan < 5.9.10 >= 5.9.10

Description

Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All strongSwan users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-vpn/strongswan-5.9.10"

References

[ 1 ] CVE-2021-41991 https://nvd.nist.gov/vuln/detail/CVE-2021-41991 [ 2 ] CVE-2021-45079 https://nvd.nist.gov/vuln/detail/CVE-2021-45079 [ 3 ] CVE-2022-40617 https://nvd.nist.gov/vuln/detail/CVE-2022-40617 [ 4 ] CVE-2023-26463 https://nvd.nist.gov/vuln/detail/CVE-2023-26463

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/202405-08

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202110-1670",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "siplus net cp 1543-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1200 cp 1243-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc636-2c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc622-2c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "34"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "35"
      },
      {
        "model": "strongswan",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "strongswan",
        "version": "5.9.4"
      },
      {
        "model": "simatic net cp 1243-8 irc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "11.0"
      },
      {
        "model": "simatic net cp1243-7 lte eu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1243-7 lte\\/us",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "scalance sc642-2c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "cp 1543-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "10.0"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "33"
      },
      {
        "model": "simatic cp 1242-7 gprs v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net cp 1545-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1200 cp 1243-1 rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinema remote connect server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1243-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc632-2c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc646-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "strongswan",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "strongswan",
        "version": "4.2.10"
      },
      {
        "model": "fedora",
        "scope": null,
        "trust": 0.8,
        "vendor": "fedora",
        "version": null
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      },
      {
        "model": "strongswan",
        "scope": null,
        "trust": 0.8,
        "vendor": "strongswan",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-41991"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ubuntu",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "164558"
      },
      {
        "db": "PACKETSTORM",
        "id": "164554"
      }
    ],
    "trust": 0.2
  },
  "cve": "CVE-2021-41991",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-41991",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-403107",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-41991",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-41991",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-41991",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-41991",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202110-1214",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-403107",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-41991",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403107"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-41991"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-41991"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility. strongSwan Exists in an integer overflow vulnerability.Denial of service (DoS) It may be put into a state. ==========================================================================\nUbuntu Security Notice USN-5111-1\nOctober 19, 2021\n\nstrongswan vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.10\n- Ubuntu 21.04\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in strongSwan. \n\nSoftware Description:\n- strongswan: IPsec VPN solution\n\nDetails:\n\nIt was discovered that strongSwan incorrectly handled certain RSASSA-PSS\nsignatures. A remote attacker could use this issue to cause strongSwan to\ncrash, resulting in a denial of service. (CVE-2021-41990)\n\nIt was discovered that strongSwan incorrectly handled replacing\ncertificates in the cache. A remote attacker could use this issue to cause\nstrongSwan to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2021-41991)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.10:\n  libstrongswan                   5.9.1-1ubuntu3.1\n  strongswan                      5.9.1-1ubuntu3.1\n\nUbuntu 21.04:\n  libstrongswan                   5.9.1-1ubuntu1.2\n  strongswan                      5.9.1-1ubuntu1.2\n\nUbuntu 20.04 LTS:\n  libstrongswan                   5.8.2-1ubuntu3.3\n  strongswan                      5.8.2-1ubuntu3.3\n\nUbuntu 18.04 LTS:\n  libstrongswan                   5.6.2-1ubuntu2.7\n  strongswan                      5.6.2-1ubuntu2.7\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n  https://ubuntu.com/security/notices/USN-5111-1\n  CVE-2021-41990, CVE-2021-41991\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu3.1\n  https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu1.2\n  https://launchpad.net/ubuntu/+source/strongswan/5.8.2-1ubuntu3.3\n  https://launchpad.net/ubuntu/+source/strongswan/5.6.2-1ubuntu2.7\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4989-1                   security@debian.org\nhttps://www.debian.org/security/                        Yves-Alexis Perez\nOctober 18, 2021                      https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : strongswan\nCVE ID         : CVE-2021-41990 CVE-2021-41991\n\nResearchers at the United States of America National Security Agency (NSA)\nidentified two denial of services vulnerability in strongSwan, an IKE/IPsec\nsuite. \n\nCVE-2021-41990\n\n    RSASSA-PSS signatures whose parameters define a very high salt length can\n    trigger an integer overflow that can lead to a segmentation fault. \n    Generating a signature that bypasses the padding check to trigger the crash\n    requires access to the private key that signed the certificate.  However,\n    the certificate does not have to be trusted.  Because the gmp and the\n    openssl plugins both check if a parsed certificate is self-signed (and the\n    signature is valid), this can e.g.  be triggered by an unrelated\n    self-signed CA certificate sent by an initiator. Depending on the generated random value, this could\n    lead to an integer overflow that results in a double-dereference and a call\n    using out-of-bounds memory that most likely leads to a segmentation fault. \n    Remote code execution can\u0027t be ruled out completely, but attackers have no\n    control over the dereferenced memory, so it seems unlikely at this point. \n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 5.7.2-1+deb10u1. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.9.1-1+deb11u1. \n\nWe recommend that you upgrade your strongswan packages. \n\nFor the detailed security status of strongswan please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/strongswan\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmFtyAUACgkQ3rYcyPpX\nRFudiwf+NNcRRRJychLI5ycMKVxkr2tEAJDeVZjv966YBM1tXnCtROydXf5Zip2M\ndn/EYO71uuT5FKhs8tJyx5iv2bFcrvyqQQo6DFQvXZHR0+9U+MHcR9qB7JJDM4nK\n+JXOEmAv3akCFhiP6jMx5B6jRWR1e4MOwxmgrgGu/nwy2cYBQPI43qPTrXi3Fcnv\neSgeyLqyZNLmaGmj8jQfTnc8bdVF5xAs6mHhVqNJxQCdouG9b4/S6AxJsl3IMxyF\nWZhtCNUvhHH8wz0lZVElR3Qs6fUu0phKdlT9kBv/o6fP3ceiYOCEh8SqBgYU3hQL\nxyB0uP4EcSR70TvKZMB2jV/tGG1A8w==\n=/Xvi\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 202405-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: strongSwan: Multiple Vulnerabilities\n     Date: May 04, 2024\n     Bugs: #818841, #832460, #878887, #899964\n       ID: 202405-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in strongSwan, the worst\nof which could possibly lead to remote code execution. \n\nBackground\n=========\nstrongSwan is an IPSec implementation for Linux. \n\nAffected packages\n================\nPackage             Vulnerable    Unaffected\n------------------  ------------  ------------\nnet-vpn/strongswan  \u003c 5.9.10      \u003e= 5.9.10\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in strongSwan. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll strongSwan users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-vpn/strongswan-5.9.10\"\n\nReferences\n=========\n[ 1 ] CVE-2021-41991\n      https://nvd.nist.gov/vuln/detail/CVE-2021-41991\n[ 2 ] CVE-2021-45079\n      https://nvd.nist.gov/vuln/detail/CVE-2021-45079\n[ 3 ] CVE-2022-40617\n      https://nvd.nist.gov/vuln/detail/CVE-2022-40617\n[ 4 ] CVE-2023-26463\n      https://nvd.nist.gov/vuln/detail/CVE-2023-26463\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202405-08\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2024 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-41991"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "db": "VULHUB",
        "id": "VHN-403107"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-41991"
      },
      {
        "db": "PACKETSTORM",
        "id": "164558"
      },
      {
        "db": "PACKETSTORM",
        "id": "164554"
      },
      {
        "db": "PACKETSTORM",
        "id": "169143"
      },
      {
        "db": "PACKETSTORM",
        "id": "178454"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-41991",
        "trust": 3.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-539476",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU98748974",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "164558",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "164554",
        "trust": 0.7
      },
      {
        "db": "CS-HELP",
        "id": "SB2021101947",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3463",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3488",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-1214",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-403107",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-41991",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169143",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "178454",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403107"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-41991"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "db": "PACKETSTORM",
        "id": "164558"
      },
      {
        "db": "PACKETSTORM",
        "id": "164554"
      },
      {
        "db": "PACKETSTORM",
        "id": "169143"
      },
      {
        "db": "PACKETSTORM",
        "id": "178454"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-41991"
      }
    ]
  },
  "id": "VAR-202110-1670",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403107"
      }
    ],
    "trust": 0.7521640566666667
  },
  "last_update_date": "2024-11-23T20:22:32.248000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "strongSwan\u00a0Vulnerability\u00a0(CVE-2021-41991)",
        "trust": 0.8,
        "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00014.html"
      },
      {
        "title": "strongSwan Enter the fix for the verification error vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=166640"
      },
      {
        "title": "Debian Security Advisories: DSA-4989-1 strongswan -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=35fdad388753f5d88f528a33acdb09b3"
      },
      {
        "title": "Red Hat: CVE-2021-41991",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2021-41991"
      },
      {
        "title": "Arch Linux Issues: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-41991 log"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-41991"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-190",
        "trust": 1.1
      },
      {
        "problemtype": "Integer overflow or wraparound (CWE-190) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403107"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-41991"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://www.debian.org/security/2021/dsa-4989"
      },
      {
        "trust": 1.8,
        "url": "https://github.com/strongswan/strongswan/releases/tag/5.9.4"
      },
      {
        "trust": 1.8,
        "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00014.html"
      },
      {
        "trust": 1.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-41991"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-539476.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-%28cve-2021-41991%29.html"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wqsq3bec22nf4ncdzvct4p3q2ziajxgj/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/y3tq32jljobjdb2ejksx2pbpb5nfg2d4/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5fjsatd2r2xhtg4p63gcmq2n7ewkmme5/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98748974/"
      },
      {
        "trust": 0.7,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5fjsatd2r2xhtg4p63gcmq2n7ewkmme5/"
      },
      {
        "trust": 0.7,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/y3tq32jljobjdb2ejksx2pbpb5nfg2d4/"
      },
      {
        "trust": 0.7,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wqsq3bec22nf4ncdzvct4p3q2ziajxgj/"
      },
      {
        "trust": 0.7,
        "url": "https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41991).html"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2021-41991"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/strongswan-integer-overflow-via-in-memory-certificate-cache-36667"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3463"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/164558/ubuntu-security-notice-usn-5111-2.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021101947"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3488"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/164554/ubuntu-security-notice-usn-5111-1.html"
      },
      {
        "trust": 0.2,
        "url": "https://ubuntu.com/security/notices/usn-5111-1"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-41990"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/190.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5111-2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu3.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/strongswan/5.8.2-1ubuntu3.3"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu1.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/strongswan/5.6.2-1ubuntu2.7"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/strongswan"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45079"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/glsa/202405-08"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40617"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-26463"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-403107"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-41991"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "db": "PACKETSTORM",
        "id": "164558"
      },
      {
        "db": "PACKETSTORM",
        "id": "164554"
      },
      {
        "db": "PACKETSTORM",
        "id": "169143"
      },
      {
        "db": "PACKETSTORM",
        "id": "178454"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-41991"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-403107"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-41991"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "db": "PACKETSTORM",
        "id": "164558"
      },
      {
        "db": "PACKETSTORM",
        "id": "164554"
      },
      {
        "db": "PACKETSTORM",
        "id": "169143"
      },
      {
        "db": "PACKETSTORM",
        "id": "178454"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-41991"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-10-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-403107"
      },
      {
        "date": "2021-10-18T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-41991"
      },
      {
        "date": "2022-02-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "date": "2021-10-20T15:43:57",
        "db": "PACKETSTORM",
        "id": "164558"
      },
      {
        "date": "2021-10-19T15:31:42",
        "db": "PACKETSTORM",
        "id": "164554"
      },
      {
        "date": "2021-10-28T19:12:00",
        "db": "PACKETSTORM",
        "id": "169143"
      },
      {
        "date": "2024-05-06T13:54:27",
        "db": "PACKETSTORM",
        "id": "178454"
      },
      {
        "date": "2021-10-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      },
      {
        "date": "2021-10-18T14:15:10.333000",
        "db": "NVD",
        "id": "CVE-2021-41991"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-403107"
      },
      {
        "date": "2021-10-21T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-41991"
      },
      {
        "date": "2022-02-15T00:53:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      },
      {
        "date": "2022-02-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      },
      {
        "date": "2024-11-21T06:27:02.090000",
        "db": "NVD",
        "id": "CVE-2021-41991"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "164558"
      },
      {
        "db": "PACKETSTORM",
        "id": "164554"
      },
      {
        "db": "PACKETSTORM",
        "id": "178454"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "strongSwan\u00a0 Integer overflow vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007493"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-1214"
      }
    ],
    "trust": 0.6
  }
}

var-202304-0701
Vulnerability from variot

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0701",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "simatic cp 1243-7 lte eu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "siplus net cp 443-1 advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic ipc diagbase",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus tim 1531 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3.6"
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "tim 1531 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3.6"
      },
      {
        "model": "siplus s7-1200 cp 1243-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net cp 1242-7 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus s7-1200 cp 1243-1 rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-7 lte us",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net cp 443-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "simatic cp 1243-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-8 irc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "simatic cp 1242-7 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 1242-7 v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-8 irc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-7 lte us",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 443-1 advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 443-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1242-7 v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 443-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagbase",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-7 lte eu",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1242-7v2"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp lte eu",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-7"
      },
      {
        "model": "simatic cp lte us",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-7"
      },
      {
        "model": "simatic cp irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-8"
      },
      {
        "model": "siplus net cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1242-7v2"
      },
      {
        "model": "siplus s7-1200 cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "siplus s7-1200 cp rail",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp advanced",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "simatic cp dnp3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp iec",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic ipc diagbase",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "siplus net cp advanced \u003cv3.3l",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "siplus tim irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1531\u003cv2.3.6"
      },
      {
        "model": "tim irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1531\u003cv2.3.6"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43768"
      }
    ]
  },
  "cve": "CVE-2022-43768",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2023-35759",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2022-43768",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-022095",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2022-43768",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2022-022095",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2023-35759",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202304-726",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43768"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-43768"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-43768",
        "trust": 3.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-566905",
        "trust": 3.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-139628",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-103-10",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94715153",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.2159",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-726",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43768"
      }
    ]
  },
  "id": "VAR-202304-0701",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      }
    ],
    "trust": 1.3845387558333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      }
    ]
  },
  "last_update_date": "2024-09-10T22:39:35.933000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Denial of Service Vulnerability in Several Siemens Products (CNVD-2023-35759)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/424651"
      },
      {
        "title": "Siemens SIMATIC CP443-1 OPC UA9 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=233079"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-770",
        "trust": 1.0
      },
      {
        "problemtype": "Allocation of resources without limits or throttling (CWE-770) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43768"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu94715153/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43768"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-10"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-43768/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.2159"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43768"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43768"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      },
      {
        "date": "2023-11-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "date": "2023-04-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      },
      {
        "date": "2023-04-11T10:15:17.617000",
        "db": "NVD",
        "id": "CVE-2022-43768"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-35759"
      },
      {
        "date": "2023-11-15T06:20:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      },
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      },
      {
        "date": "2024-09-10T10:15:05.020000",
        "db": "NVD",
        "id": "CVE-2022-43768"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability in limiting or non-slotting resource allocation in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022095"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-726"
      }
    ],
    "trust": 0.6
  }
}

var-202304-0702
Vulnerability from variot

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to the use of freed memory.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software of Siemens (Siemens) in Germany. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0702",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "simatic cp 1243-7 lte eu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "siplus net cp 443-1 advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic ipc diagbase",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus tim 1531 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3.6"
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "tim 1531 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3.6"
      },
      {
        "model": "siplus s7-1200 cp 1243-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net cp 1242-7 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus s7-1200 cp 1243-1 rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-7 lte us",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net cp 443-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "simatic cp 1243-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-8 irc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "simatic cp 1242-7 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 1242-7 v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-8 irc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-7 lte us",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 443-1 advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 443-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1242-7 v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 443-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagbase",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-7 lte eu",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1242-7v2"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp lte eu",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-7"
      },
      {
        "model": "simatic cp lte us",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-7"
      },
      {
        "model": "simatic cp irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-8"
      },
      {
        "model": "siplus net cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1242-7v2"
      },
      {
        "model": "siplus s7-1200 cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "siplus s7-1200 cp rail",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp advanced",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "simatic cp dnp3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp iec",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic ipc diagbase",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "siplus net cp advanced \u003cv3.3l",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "siplus tim irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1531\u003cv2.3.6"
      },
      {
        "model": "tim irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1531\u003cv2.3.6"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43716"
      }
    ]
  },
  "cve": "CVE-2022-43716",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2023-35756",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2022-43716",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-022093",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2022-43716",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-43716",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2022-022093",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2023-35756",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202304-727",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43716"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43716"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to the use of freed memory.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software of Siemens (Siemens) in Germany. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-43716"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-43716",
        "trust": 3.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-566905",
        "trust": 3.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-139628",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-103-10",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94715153",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.2159",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-727",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43716"
      }
    ]
  },
  "id": "VAR-202304-0702",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      }
    ],
    "trust": 1.3845387558333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      }
    ]
  },
  "last_update_date": "2024-09-10T21:39:02.572000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Denial of Service Vulnerability in Several Siemens Products",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/424641"
      },
      {
        "title": "Siemens SIMATIC CP443-1 OPC UA9 Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=233080"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.0
      },
      {
        "problemtype": "Use of freed memory (CWE-416) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43716"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu94715153/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43716"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-10"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.2159"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-43716/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43716"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43716"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      },
      {
        "date": "2023-11-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "date": "2023-04-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      },
      {
        "date": "2023-04-11T10:15:17.467000",
        "db": "NVD",
        "id": "CVE-2022-43716"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-35756"
      },
      {
        "date": "2023-11-15T06:20:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      },
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      },
      {
        "date": "2024-09-10T10:15:04.627000",
        "db": "NVD",
        "id": "CVE-2022-43716"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Use of Freed Memory Vulnerability in Multiple Siemens Products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022093"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-727"
      }
    ],
    "trust": 0.6
  }
}

var-202304-0700
Vulnerability from variot

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Several Siemens products, including firmware, contain vulnerabilities related to deadlock.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0700",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "simatic cp 1243-7 lte eu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "siplus net cp 443-1 advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic ipc diagbase",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus tim 1531 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3.6"
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "tim 1531 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3.6"
      },
      {
        "model": "siplus s7-1200 cp 1243-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net cp 1242-7 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus s7-1200 cp 1243-1 rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-7 lte us",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net cp 443-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "simatic cp 1243-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-8 irc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3"
      },
      {
        "model": "simatic cp 1242-7 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 1242-7 v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-8 irc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-7 lte us",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 443-1 advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 443-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1242-7 v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus net cp 443-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagbase",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic cp 1243-7 lte eu",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1242-7v2"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp lte eu",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-7"
      },
      {
        "model": "simatic cp lte us",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-7"
      },
      {
        "model": "simatic cp irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-8"
      },
      {
        "model": "siplus net cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1242-7v2"
      },
      {
        "model": "siplus s7-1200 cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "siplus s7-1200 cp rail",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp advanced",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "simatic cp dnp3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp iec",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic ipc diagbase",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1542sp-1 irc tx rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cp 1543sp-1 isec tx rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1\u003cv3.3"
      },
      {
        "model": "siplus net cp advanced \u003cv3.3l",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "siplus tim irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1531\u003cv2.3.6"
      },
      {
        "model": "tim irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1531\u003cv2.3.6"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43767"
      }
    ]
  },
  "cve": "CVE-2022-43767",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2023-35758",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2022-43767",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-022094",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2022-43767",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2022-022094",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2023-35758",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202304-729",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43767"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Several Siemens products, including firmware, contain vulnerabilities related to deadlock.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-43767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-43767",
        "trust": 3.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-566905",
        "trust": 3.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-139628",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-103-10",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94715153",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.2159",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-729",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43767"
      }
    ]
  },
  "id": "VAR-202304-0700",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      }
    ],
    "trust": 1.3845387558333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      }
    ]
  },
  "last_update_date": "2024-09-10T22:24:04.730000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Denial of Service Vulnerability in Several Siemens Products (CNVD-2023-35758)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/424646"
      },
      {
        "title": "Siemens SIMATIC CP443-1 OPC UA9 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=233082"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-833",
        "trust": 1.0
      },
      {
        "problemtype": "deadlock (CWE-833) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43767"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu94715153/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43767"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-10"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-43767/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.2159"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43767"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-43767"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      },
      {
        "date": "2023-11-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "date": "2023-04-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      },
      {
        "date": "2023-04-11T10:15:17.540000",
        "db": "NVD",
        "id": "CVE-2022-43767"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-35758"
      },
      {
        "date": "2023-11-15T06:20:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      },
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      },
      {
        "date": "2024-09-10T10:15:04.850000",
        "db": "NVD",
        "id": "CVE-2022-43767"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Deadlock vulnerability in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022094"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-729"
      }
    ],
    "trust": 0.6
  }
}

var-201705-3220
Vulnerability from variot

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. SIMATIC CP, SIMATIC RF600, SCALANCE W700, etc. are all industrial automation products from Siemens AG. A denial of service vulnerability exists in several industrial devices from Siemens. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC S7-200 Smart, etc. Siemens SIMATIC S7-200 Smart is a programmable logic controller (PLC) used in small and medium-sized automation systems. Siemens SIMATIC CP 343-1 Advanced is an Ethernet communication module used to support PROFINET (a new generation of automation bus standard based on industrial Ethernet technology). SIRIUS Motor starter M200D PROFINET is a motor starter. The following products and versions are affected: Siemens Extension Unit 12\" PROFINET prior to V01.01.01; Extension Unit 15\" PROFINET prior to V01.01.01; Extension Unit 19\" PROFINET prior to V01.01.01; Extension Unit 22\" PROFINET SIMATIC CP 1242-7 GPRS V2 prior to V2.1.82; SIMATIC CP 1243-7 LTE/US prior to V2.1.82; SIMATIC CP 1243-8 prior to V2.1.82; SIMATIC CP 1626 V1.1 previous version

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3220",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic dk-16xx pn io",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf685r",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf650r",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf680r",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr500",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m-800",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm400",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w700",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1543-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "sinamics s110 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "simatic rf650r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "simatic cp 1626",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1"
      },
      {
        "model": "scalance x414",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.10.2"
      },
      {
        "model": "scalance x200 irt",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.4.0"
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1242-7 gprs",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "sinamics gl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gm150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1616",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g130",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1604",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic s7-1200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "extension unit 22 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "01.01.01"
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "ie\\/pb-link",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cm 1542-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "sirius motor starter m200d profinet",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic rf680r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "sinamics s110 pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "extension unit 19 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "01.01.01"
      },
      {
        "model": "simatic cp 1243-1 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "sinamics dcp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "simatic cp 343-1 adv",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simotion",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic teleservice adapter ie standard",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic tdc cpu555",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.1"
      },
      {
        "model": "simatic et 200al",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.2"
      },
      {
        "model": "sinamics g150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g110m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gh150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "scalance xr500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic et 200ecopn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "scalance m-800",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.03"
      },
      {
        "model": "simatic hmi multi panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "scalance s615",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.03"
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.17"
      },
      {
        "model": "sinamics sl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics dcp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "sitop psu8600",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2.0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "scalance x200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2.2"
      },
      {
        "model": "simatic s7-1500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.3"
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200pro",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics g110m",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "scalance xm400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "sinamics sm120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "scalance x408",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simatic cp 343-1 lean",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.3"
      },
      {
        "model": "simatic dk-1604 pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sirius act 3su1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.0"
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "simatic s7-300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "softnet profinet io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic tdc cp51m1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.8"
      },
      {
        "model": "simatic dk-1616 pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic et 200mp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0.1"
      },
      {
        "model": "sinamics dcm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "scalance w700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic et 200m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "extension unit 12 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "01.01.01"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "extension unit 15 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "01.01.01"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "sinamics g120\\ w. pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "simatic cp 443-1 std",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.17"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic s7-400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.0.6"
      },
      {
        "model": "simatic et 200sp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simocode pro v profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0.0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "ups1600 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.2.0"
      },
      {
        "model": "sinamics dcm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4"
      },
      {
        "model": "simatic cp 1243-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "ie\\/as-i link pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic cp 1243-8",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "sinamics v90 pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.01"
      },
      {
        "model": "scalance x300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic rf685r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "sinamics s150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g120\\ w. pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1243-7 lte\\/us",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "pn\\/pn coupler",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "sinumerik 828d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ie/as-i link pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ie/pb-link",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "pn/pn coupler",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x200 irt",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x300",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x408",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x414",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cm 1542-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1243-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1604",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1616",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 lean",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 std",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200al",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200ecopn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200pro",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200s",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200sp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi multi panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-200 smart",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-300",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx 2010",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simocode pro v profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcm",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g110m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g120 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g130",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s110 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics v90 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 828d",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 840d sl",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius act 3su1 interface module profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius motor starter m200d profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop psu8600",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop ups1600 profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "for pc-based windows systems firmware"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1616"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1604"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1543-1"
      },
      {
        "model": "simatic cm",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1542-1"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp opc-ua",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "simatic cp adv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "simatic cp std",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "simatic cp std",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "343-1"
      },
      {
        "model": "simatic cp lean",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "343-1"
      },
      {
        "model": "simatic cp adv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "343-1"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x408"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x414"
      },
      {
        "model": "scalance irt",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x200"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x200"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x300"
      },
      {
        "model": "simatic rf650r",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cm 1542-1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543-1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf680r",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinumerik 828d",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinumerik 840d sl",
        "version": "*"
      },
      {
        "model": "ups1600 profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sitop psu8600",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius act 3su1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.5"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.4"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "20100"
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-400",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-300",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf685r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf680r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf650r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic et",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2000"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "343-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16260"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16160"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16040"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1543-12.0.28"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1543-10"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic cp irc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-80"
      },
      {
        "model": "simatic cp lte eu/us",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-70"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-10"
      },
      {
        "model": "simatic cp gprs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1242-7v20"
      },
      {
        "model": "scalance xr500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance xm400",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4140"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4084.0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4083.0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x3000"
      },
      {
        "model": "scalance irt",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x2000"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x2000"
      },
      {
        "model": "scalance w700 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "scalance w700 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.5.4"
      },
      {
        "model": "scalance s615",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance m-800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.02"
      },
      {
        "model": "scalance m-800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "ie/as-i link pn io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "19?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12?0"
      },
      {
        "model": "e/pb-link",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 828d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics sl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gm150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gh150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic rf685r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic rf680r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16162.7"
      },
      {
        "model": "simatic cp 1604d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic cp irc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-82.1.82"
      },
      {
        "model": "simatic cp lte eu/us",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-72.1.82"
      },
      {
        "model": "simatic cp gprs",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1242-7v22.1.82"
      },
      {
        "model": "simatic rf650r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-13.2.17"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15431.2.1"
      },
      {
        "model": "simatic cm1542",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "scalance w700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "19?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12?1.1.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 std",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1542sp 1 irc",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1543sp 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1543 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf650r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf680r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf685r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1616",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1604",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic dk 16xx pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 lean",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x200 irt",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x408",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x414",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance xm400",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance xr500",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance w700",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance m 800",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance s615",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "softnet profinet io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 adv",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ie pb link",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ie as i link pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter standard modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie basic modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie advanced modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sitop psu8600",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ups1600 profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200al",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200ecopn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200m",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 std",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200mp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200pro",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200s",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "pn pn coupler",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "dk standard ethernet controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200p pn io",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200 pn io",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 200 smart",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 adv",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 controller",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius act 3su1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius soft starter 3rw44 pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius motor starter m200d profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simocode pro v profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 opc ua",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g110m",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g120 c p d w pn",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s110 w pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics v90 w pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simotion",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1243 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi multi panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi mobile panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cm 1542 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1542sp 1",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ie%2Fpb-link_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ie%2Fas-i_link_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:pn%2Fpn_coupler_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_m-800_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_s615_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_w700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x200irt_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x408_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x414_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_xm400_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_xr500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cm_1542-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1243-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543sp-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_lean_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_opc-ua_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_dk-16xx_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200pro_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_mobile_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_multi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf650r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf680r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf685r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-200_smart_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-400_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_standard_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_2010_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simocode_pro_v_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simotion_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcm_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g110m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g120%28c%2Fp%2Fd%29_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g130_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics__s110_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s120_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_v90_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_828d_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_840d_sl_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_act_3su1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_motor_starter_m200d_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_soft_starter_3rw44_pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sitop_psu8600_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ups1600_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:softnet_profinet_io_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.",
    "sources": [
      {
        "db": "BID",
        "id": "98369"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2680",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2017-2680",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2017-06151",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-110883",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-2680",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-2680",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-2680",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2017-2680",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-2680",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-06151",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201705-574",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110883",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. SIMATIC CP, SIMATIC RF600, SCALANCE W700, etc. are all industrial automation products from Siemens AG. A denial of service vulnerability exists in several industrial devices from Siemens. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC S7-200 Smart, etc. Siemens SIMATIC S7-200 Smart is a programmable logic controller (PLC) used in small and medium-sized automation systems. Siemens SIMATIC CP 343-1 Advanced is an Ethernet communication module used to support PROFINET (a new generation of automation bus standard based on industrial Ethernet technology). SIRIUS Motor starter M200D PROFINET is a motor starter. The following products and versions are affected: Siemens Extension Unit 12\\\" PROFINET prior to V01.01.01; Extension Unit 15\\\" PROFINET prior to V01.01.01; Extension Unit 19\\\" PROFINET prior to V01.01.01; Extension Unit 22\\\" PROFINET SIMATIC CP 1242-7 GPRS V2 prior to V2.1.82; SIMATIC CP 1243-7 LTE/US prior to V2.1.82; SIMATIC CP 1243-8 prior to V2.1.82; SIMATIC CP 1626 V1.1 previous version",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2680",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-023-02",
        "trust": 2.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-293562",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-284673",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "98369",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-546832",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1038463",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-129-02",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-128-01",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "296C9514-B30D-4FA5-BCDC-9D8B2E9620C4",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-99023",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "id": "VAR-201705-3220",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      }
    ],
    "trust": 1.5467968472
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:56:02.371000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-293562",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
      },
      {
        "title": "Patch for a number of Siemens products with a denial of service vulnerability (CNVD-2017-06151)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/93364"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70052"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-023-02"
      },
      {
        "trust": 2.0,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/98369"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1038463"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-02"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
      },
      {
        "trust": 0.9,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2680"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-128-01"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2680"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-129-02"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "date": "2017-05-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "date": "2017-05-08T00:00:00",
        "db": "BID",
        "id": "98369"
      },
      {
        "date": "2017-06-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "date": "2017-05-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "date": "2017-05-11T01:29:05.400000",
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "date": "2020-09-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "date": "2018-05-09T14:00:00",
        "db": "BID",
        "id": "98369"
      },
      {
        "date": "2018-05-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "date": "2022-02-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "date": "2024-11-21T03:23:57.563000",
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Service disruption in products  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      }
    ],
    "trust": 0.6
  }
}

var-201705-3221
Vulnerability from variot

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. SIMATIC HMI is an industrial device from Siemens AG, Germany. The SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions < V3.2.17), SIMATIC CP 443-1 Adv (All versions < V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions < V2.1.82), SIMATIC CP 1243-1 IRC (All versions < V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions < V2.0), SIMATIC CM 1542SP-1 (All versions < V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions < V1.0.15), SIMATIC CP 1543SP-1 (All versions < V1.0.15), SIMATIC CP 1543-1 (All versions < V2.1), SIMATIC RF650R (All versions < V3.0), SIMATIC RF680R (All versions < V3.0), SIMATIC RF685R (All versions < V3.0), SIMATIC CP 1616 (All versions < V2.7), SIMATIC CP 1604 (All versions < V2.7), SIMATIC DK-16xx PN IO (All versions < V2.7), SCALANCE X-200 (All versions < V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions < V4.1.0), SCALANCE X414 (All versions < V3.10.2), SCALANCE XM400 (All versions < V6.1), SCALANCE XR500 (All versions < V6.1), SCALANCE W700 (All versions < V6.1), SCALANCE M-800, S615 (All versions < V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions < V14 SP1), IE/PB-Link (All versions < V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions < V1.2.0), SITOP UPS1600 PROFINET (All versions < V2.2.0), SIMATIC ET 200AL (All versions < V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions < V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions < V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions < V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions < V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions < V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions < V2.3), SIMATIC S7-300 incl. F and T (All versions < V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.6), SIMATIC S7-400-H V6 (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions < V7.0.2), SIMATIC S7-410 (All versions < V8.2), SIMATIC S7-1200 incl. F (All versions < V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions < V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions < V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions < V2.0.0), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions < V1.2 HF 1), SINAMICS G110M w. PN (All versions < V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions < V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions < V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF27), and others. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Siemens SIMATIC S7-300 F, etc. Siemens SIMATIC S7-300 F is a process controller. SIMATIC HMI Comfort Panels are touch screens

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3221",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf650r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "sinamics s110 pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "scalance x414",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.10.2"
      },
      {
        "model": "simatic et 200sp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.0"
      },
      {
        "model": "scalance x200 irt",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.4.0"
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1616",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cm 1542sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "sinamics g130",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1604",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics s110 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "simatic s7-1200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "ie\\/pb-link",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cm 1542-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "sirius motor starter m200d profinet",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic rf680r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp 1243-1 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "sinamics dcp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "simotion",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic cp 343-1 adv",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "simatic teleservice adapter ie advanced modem",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic tdc cpu555",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.1"
      },
      {
        "model": "simatic et 200al",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.2"
      },
      {
        "model": "simatic dk-16xx pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics g150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g110m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic s7-300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "scalance xr500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic et 200ecopn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "scalance m-800",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.03"
      },
      {
        "model": "simatic hmi multi panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "scalance s615",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.03"
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.17"
      },
      {
        "model": "sinamics dcp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "simatic teleservice adapter ie basic modem",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "sitop psu8600",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2.0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "scalance x200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2.2"
      },
      {
        "model": "simatic s7-1500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.3"
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200pro",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics g110m",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "scalance xm400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "scalance x408",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simatic cp 343-1 lean",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.3"
      },
      {
        "model": "sirius act 3su1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.0"
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "simatic tdc cp51m1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.8"
      },
      {
        "model": "softnet profinet io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic et 200mp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0.1"
      },
      {
        "model": "sinamics dcm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "simatic cp 1543-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "scalance w700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic et 200m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinumerik 828d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "simatic cp 443-1 std",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.17"
      },
      {
        "model": "simatic s7-400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.0.6"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simocode pro v profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0.0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "ups1600 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.2.0"
      },
      {
        "model": "sinamics dcm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4"
      },
      {
        "model": "simatic cp 1243-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "ie\\/as-i link pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "sinamics v90 pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.01"
      },
      {
        "model": "scalance x300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic rf685r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "sinamics s150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "pn\\/pn coupler",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "sinumerik 828d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "sinamics g120\\ pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ie/as-i link pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ie/pb-link",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "pn/pn coupler",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m-800",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x200 irt",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x300",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x408",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x414",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm400",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr500",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cm 1542-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1243-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1604",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1616",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 lean",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 std",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic dk-16xx pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200al",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200ecopn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200pro",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200s",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200sp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi multi panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf650r",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf680r",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf685r",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-200 smart",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-300",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx 2010",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simocode pro v profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcm",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g110m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g120 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g130",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s110 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics v90 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 828d",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 840d sl",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius act 3su1 interface module profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius motor starter m200d profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop psu8600",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop ups1600 profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "for pc-based windows systems firmware"
      },
      {
        "model": "simatic hmi multi panels",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s110 w. pn",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinumerik 828d",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinumerik 840d sl",
        "version": "*"
      },
      {
        "model": "ups1600 profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sitop psu8600",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius act 3su1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.5"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.4"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "20100"
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-400",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-300",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf685r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf680r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf650r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic et",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2000"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "343-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16260"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16160"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16040"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1543-12.0.28"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1543-10"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic cp irc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-80"
      },
      {
        "model": "simatic cp lte eu/us",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-70"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-10"
      },
      {
        "model": "simatic cp gprs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1242-7v20"
      },
      {
        "model": "scalance xr500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance xm400",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4140"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4084.0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4083.0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x3000"
      },
      {
        "model": "scalance irt",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x2000"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x2000"
      },
      {
        "model": "scalance w700 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "scalance w700 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.5.4"
      },
      {
        "model": "scalance s615",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance m-800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.02"
      },
      {
        "model": "scalance m-800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "ie/as-i link pn io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "19?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12?0"
      },
      {
        "model": "e/pb-link",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 828d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics sl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gm150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gh150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic rf685r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic rf680r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16162.7"
      },
      {
        "model": "simatic cp 1604d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic cp irc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-82.1.82"
      },
      {
        "model": "simatic cp lte eu/us",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-72.1.82"
      },
      {
        "model": "simatic cp gprs",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1242-7v22.1.82"
      },
      {
        "model": "simatic rf650r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-13.2.17"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15431.2.1"
      },
      {
        "model": "simatic cm1542",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "scalance w700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "19?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12?1.1.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 std",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1542sp 1 irc",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1543sp 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1543 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf650r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf680r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf685r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1616",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1604",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic dk 16xx pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 lean",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x200 irt",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x408",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x414",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance xm400",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance xr500",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance w700",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance m 800",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance s615",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "softnet profinet io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 adv",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ie pb link",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ie as i link pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter standard modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie basic modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie advanced modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sitop psu8600",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ups1600 profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200al",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200ecopn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200m",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 std",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200mp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200pro",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200s",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "pn pn coupler",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "dk standard ethernet controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200p pn io",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200 pn io",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 200 smart",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 adv",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 controller",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius act 3su1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius soft starter 3rw44 pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius motor starter m200d profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simocode pro v profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 opc ua",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g110m",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g120 c p d w pn",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s110 w pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics v90 w pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simotion",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1243 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi multi panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi mobile panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cm 1542 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1542sp 1",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ie%2Fpb-link_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ie%2Fas-i_link_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:pn%2Fpn_coupler_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_m-800_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_s615_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_w700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x200irt_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x408_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x414_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_xm400_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_xr500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cm_1542-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1243-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543sp-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_lean_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_opc-ua_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_dk-16xx_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200pro_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_mobile_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_multi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf650r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf680r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf685r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-200_smart_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-400_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_standard_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_2010_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simocode_pro_v_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simotion_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcm_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g110m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g120%28c%2Fp%2Fd%29_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g130_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics__s110_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s120_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_v90_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_828d_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_840d_sl_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_act_3su1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_motor_starter_m200d_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_soft_starter_3rw44_pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sitop_psu8600_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ups1600_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:softnet_profinet_io_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.",
    "sources": [
      {
        "db": "BID",
        "id": "98369"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2681",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2017-2681",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2017-06153",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "33467505-7492-4ae1-b978-12f61201709a",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-110884",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-2681",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-2681",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-2681",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2017-2681",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-2681",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-06153",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201705-639",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "33467505-7492-4ae1-b978-12f61201709a",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110884",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. SIMATIC HMI is an industrial device from Siemens AG, Germany. The SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions \u003c V3.2.17), SIMATIC CP 443-1 Adv (All versions \u003c V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions \u003c V2.1.82), SIMATIC CP 1243-1 IRC (All versions \u003c V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions \u003c V2.0), SIMATIC CM 1542SP-1 (All versions \u003c V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions \u003c V1.0.15), SIMATIC CP 1543SP-1 (All versions \u003c V1.0.15), SIMATIC CP 1543-1 (All versions \u003c V2.1), SIMATIC RF650R (All versions \u003c V3.0), SIMATIC RF680R (All versions \u003c V3.0), SIMATIC RF685R (All versions \u003c V3.0), SIMATIC CP 1616 (All versions \u003c V2.7), SIMATIC CP 1604 (All versions \u003c V2.7), SIMATIC DK-16xx PN IO (All versions \u003c V2.7), SCALANCE X-200 (All versions \u003c V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions \u003c V4.1.0), SCALANCE X414 (All versions \u003c V3.10.2), SCALANCE XM400 (All versions \u003c V6.1), SCALANCE XR500 (All versions \u003c V6.1), SCALANCE W700 (All versions \u003c V6.1), SCALANCE M-800, S615 (All versions \u003c V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions \u003c V14 SP1), IE/PB-Link (All versions \u003c V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions \u003c V1.2.0), SITOP UPS1600 PROFINET (All versions \u003c V2.2.0), SIMATIC ET 200AL (All versions \u003c V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions \u003c V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions \u003c V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions \u003c V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions \u003c V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions \u003c V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions \u003c V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions \u003c V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions \u003c V2.3), SIMATIC S7-300 incl. F and T (All versions \u003c V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions \u003c V6.0.6), SIMATIC S7-400-H V6 (All versions \u003c V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions \u003c V7.0.2), SIMATIC S7-410 (All versions \u003c V8.2), SIMATIC S7-1200 incl. F (All versions \u003c V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions \u003c V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions \u003c V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions \u003c V2.0.0), SINAMICS DCM w. PN (All versions \u003c V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions \u003c V1.2 HF 1), SINAMICS G110M w. PN (All versions \u003c V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions \u003c V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions \u003c V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions \u003c V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS S110 w. PN (All versions \u003c V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions \u003c V4.7 HF27), and others. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Siemens SIMATIC S7-300 F, etc. Siemens SIMATIC S7-300 F is a process controller. SIMATIC HMI Comfort Panels are touch screens",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2681",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-293562",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "98369",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1038463",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-129-02",
        "trust": 1.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-023-02",
        "trust": 0.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-284673",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "33467505-7492-4AE1-B978-12F61201709A",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "id": "VAR-201705-3221",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      }
    ],
    "trust": 1.5075520524444446
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:56:02.322000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-293562",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC HMI Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/93365"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70109"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/98369"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1038463"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-02"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2681"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2681"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-129-02"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-023-02"
      },
      {
        "trust": 0.3,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "date": "2017-05-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "date": "2017-05-08T00:00:00",
        "db": "BID",
        "id": "98369"
      },
      {
        "date": "2017-06-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "date": "2017-05-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "date": "2017-05-11T10:29:00.180000",
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "date": "2020-09-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "date": "2018-05-09T14:00:00",
        "db": "BID",
        "id": "98369"
      },
      {
        "date": "2017-09-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "date": "2022-03-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "date": "2024-11-21T03:23:57.917000",
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC HMI Denial of service vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      }
    ],
    "trust": 0.6
  }
}