All the vulnerabilites related to Siemens - SIMATIC Cloud Connect 7 CC716
cve-2023-29103
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Cloud Connect 7 CC712 |
Version: All versions >= V2.0 < V2.1 |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:00:15.546Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC712 (All versions \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003c V2.1). The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected data." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-259", "description": "CWE-259: Use of Hard-coded Password", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:29.860Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-29103", "datePublished": "2023-05-09T11:51:29.860Z", "dateReserved": "2023-03-31T08:06:09.775Z", "dateUpdated": "2024-08-02T14:00:15.546Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28831
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:51:38.545Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-711309.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC BRAUMAT", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1 SP1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "lessThan": "V2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "lessThan": "V2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Comfort/Mobile RT", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller CPU 1504D TF", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller CPU 1504D TF", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "V3.0.1", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller CPU 1507D TF", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller CPU 1507D TF", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "V3.0.1", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V21.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V30.1.0", "status": "affected", "version": "V30.0.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC IPC DiagMonitor", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC NET PC Software V14", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC NET PC Software V16", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC NET PC Software V17", "vendor": "Siemens", "versions": [ { "lessThan": "V17 SP1 Update 1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC NET PC Software V18", "vendor": "Siemens", "versions": [ { "lessThan": "V18 Update 1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PCS 7 V9.1", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PCS neo V4.0", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511T-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511T-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511TF-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511TF-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1514SP F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1514SP-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1514SPT F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1514SPT-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515T-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515T-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515TF-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515TF-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516T-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517T-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518T-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller V2", "vendor": "Siemens", "versions": [ { "lessThan": "V21.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller V3", "vendor": "Siemens", "versions": [ { "lessThan": "V30.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "lessThan": "V5.0 Update 2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC SISTAR", "vendor": "Siemens", "versions": [ { "lessThan": "V8.1 SP1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC OA V3.17", "vendor": "Siemens", "versions": [ { "lessThan": "V3.17 P029", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC OA V3.18", "vendor": "Siemens", "versions": [ { "lessThan": "V3.18 P019", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC OA V3.19", "vendor": "Siemens", "versions": [ { "lessThan": "V3.19 P005", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC OPC UA Client", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0.0.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Professional V16", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Professional V17", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Professional V18", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Professional V19", "vendor": "Siemens", "versions": [ { "lessThan": "V19 Update 2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Unified OPC UA Server", "vendor": "Siemens", "versions": [ { "lessThan": "V5.0.0.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC V7.4", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC V7.5", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC V8.0", "vendor": "Siemens", "versions": [ { "lessThan": "V8.0 Update 5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK MC", "vendor": "Siemens", "versions": [ { "lessThan": "V1.22", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK ONE", "vendor": "Siemens", "versions": [ { "lessThan": "V6.22", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V2.9.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1518F-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.\r\n\r\nThis could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T13:53:25.548Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-711309.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-28831", "datePublished": "2023-09-12T09:32:06.153Z", "dateReserved": "2023-03-24T15:17:33.934Z", "dateUpdated": "2024-12-10T13:53:25.548Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29107
Vulnerability from cvelistv5
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Cloud Connect 7 CC712 |
Version: All versions >= V2.0 < V2.1 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:00:15.963Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003e= V2.0 \u003c V2.1). The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-552", "description": "CWE-552: Files or Directories Accessible to External Parties", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:34.269Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-29107", "datePublished": "2023-05-09T11:51:34.269Z", "dateReserved": "2023-03-31T08:06:09.775Z", "dateUpdated": "2024-08-02T14:00:15.963Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28832
Vulnerability from cvelistv5
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Cloud Connect 7 CC712 |
Version: All versions >= V2.0 < V2.1 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:51:38.923Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003e= V2.0 \u003c V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:28.740Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-28832", "datePublished": "2023-05-09T11:51:28.740Z", "dateReserved": "2023-03-24T15:17:33.934Z", "dateUpdated": "2024-08-02T13:51:38.923Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29128
Vulnerability from cvelistv5
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Cloud Connect 7 CC712 |
Version: All versions >= V2.0 < V2.1 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:00:15.230Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003e= V2.0 \u003c V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to write any file with the extension `.db`." } ], "metrics": [ { "cvssV3_1": { "baseScore": 3.8, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:35.346Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-29128", "datePublished": "2023-05-09T11:51:35.346Z", "dateReserved": "2023-03-31T10:54:25.289Z", "dateUpdated": "2024-08-02T14:00:15.230Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29104
Vulnerability from cvelistv5
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Cloud Connect 7 CC712 |
Version: All versions >= V2.0 < V2.1 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:00:15.849Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003e= V2.0 \u003c V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to overwrite any file the Linux user `ccuser` has write access to, or to download any file the Linux user `ccuser` has read-only access to." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:30.950Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-29104", "datePublished": "2023-05-09T11:51:30.950Z", "dateReserved": "2023-03-31T08:06:09.775Z", "dateUpdated": "2024-08-02T14:00:15.849Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29106
Vulnerability from cvelistv5
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Cloud Connect 7 CC712 |
Version: All versions >= V2.0 < V2.1 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:00:15.596Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003e= V2.0 \u003c V2.1). The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:33.140Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-29106", "datePublished": "2023-05-09T11:51:33.140Z", "dateReserved": "2023-03-31T08:06:09.775Z", "dateUpdated": "2024-08-02T14:00:15.596Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29105
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Cloud Connect 7 CC712 |
Version: All versions >= V2.0 < V2.1 |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:00:15.875Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC712", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.0 \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Cloud Connect 7 CC716", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC712 (All versions \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003c V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS)." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-544", "description": "CWE-544: Missing Standardized Error Handling Mechanism", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:32.057Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-29105", "datePublished": "2023-05-09T11:51:32.057Z", "dateReserved": "2023-03-31T08:06:09.775Z", "dateUpdated": "2024-08-02T14:00:15.875Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-202309-0636
Vulnerability from variot
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. simatic cloud connect 7 cc712 firmware, simatic cloud connect 7 cc716 firmware, SIMATIC Drive Controller CPU 1504D TF Multiple Siemens products, including firmware, contain an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state. SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices to interface with OPC UA servers as OPC UA clients. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functions of the SIMATIC S7-1500 CPU and the SINAMICS S120 drive control. The SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller and includes optional visualization combined with central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 ODK CPUs offer the functionality of a standard S7-1500 CPU, but also offer the possibility to run C/C++ code within the CPU runtime to execute your own functions/algorithms implemented in C/C++. They are designed for discrete and continuous control in industrial environments such as the manufacturing, food and beverage, and chemical industries around the world. SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments.
Siemens SIMATIC product ANSI C OPC UA SDK has a denial of service vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202309-0636", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "siplus s7-1500 cpu pn", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "1511-1\u003cv2.9.7" }, { "model": "simatic s7-1500 cpu pn", "scope": "eq", "trust": 1.2, "vendor": "siemens", "version": "1511-1\u003cv2.9.7" }, { "model": "simatic s7-1500 cpu 1511c-1 pn", "scope": "lt", "trust": 1.2, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.2, "vendor": "siemens", "version": "v2.9.7" }, { "model": "siplus s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1511-1 pn tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1512c-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1200 cpu", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1518hf-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1516-3 pn\\/dp rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518hf-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu s7-1518-4 pn\\/dp odk", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518t-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus et 200sp cpu 1510sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1516t-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1514spt f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1511-1 pn t1 rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic cloud connect 7 cc716", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic et 200sp open controller cpu", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1516tf-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1515tf-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus et 200sp cpu 1512sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1515r-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518tf-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1515r-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1514spt-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1512sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1516-3 pn\\/dp tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1511tf-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic cloud connect 7 cc712", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.9.7" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1516f-3 pn\\/dp rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1513r-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1515f-2 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.9.7" }, { "model": "simatic s7-1500 cpu 1517tf-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1515r-2 pn tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1514sp-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus et 200sp cpu 1512sp f-1 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1511c-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "30.0.0" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1517h-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 et 200pro", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu s7-1518f-4 pn\\/dp odk", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1517t-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1515t-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1515f-2 pn t2 rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus et 200sp cpu 1510sp-1 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1512sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus et 200sp cpu 1512sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1517h-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1514sp f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus et 200sp cpu 1512sp-1 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7 1500 cpu 1513-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1514sp-2 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512sp-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1513r-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200sp open controller cpu", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cloud connect 7 cc712", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512sp f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511tf-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cloud connect 7 cc716", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511c-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1504d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1507d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512c-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cloud connect cc712", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv2.2" }, { "model": "simatic cloud connect cc716", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv2.2" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1,\u003cv3.0.3" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1,\u003cv3.0.3" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v21.9.7" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" }, { "model": "simatic s7-1500 cpu pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1511-1\u003cv3.0.3" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v2\u003cv21.9.7" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v3" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn rail", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "siplus et 200sp cpu 1510sp-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "siplus s7-1500 cpu 1518hf-4 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "cve": "CVE-2023-28831", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2023-69803", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2023-28831", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2023-012685", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2023-28831", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2023-012685", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2023-69803", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. \r\n\r\nThis could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. simatic cloud connect 7 cc712 firmware, simatic cloud connect 7 cc716 firmware, SIMATIC Drive Controller CPU 1504D TF Multiple Siemens products, including firmware, contain an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state. SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices to interface with OPC UA servers as OPC UA clients. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functions of the SIMATIC S7-1500 CPU and the SINAMICS S120 drive control. The SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller and includes optional visualization combined with central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 ODK CPUs offer the functionality of a standard S7-1500 CPU, but also offer the possibility to run C/C++ code within the CPU runtime to execute your own functions/algorithms implemented in C/C++. They are designed for discrete and continuous control in industrial environments such as the manufacturing, food and beverage, and chemical industries around the world. SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. \n\r\n\r\nSiemens SIMATIC product ANSI C OPC UA SDK has a denial of service vulnerability", "sources": [ { "db": "NVD", "id": "CVE-2023-28831" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "VULMON", "id": "CVE-2023-28831" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-28831", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-711309", "trust": 2.5 }, { "db": "SIEMENS", "id": "SSA-118850", "trust": 1.8 }, { "db": "JVN", "id": "JVNVU98271228", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU98137233", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-257-01", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-348-06", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-012685", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2023-69803", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-28831", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "VULMON", "id": "CVE-2023-28831" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "id": "VAR-202309-0636", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" } ], "trust": 1.2659901543749998 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" } ] }, "last_update_date": "2024-08-14T12:54:16.917000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SIMATIC product ANSI C OPC UA SDK denial of service vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/460891" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-190", "trust": 1.0 }, { "problemtype": "Integer overflow or wraparound (CWE-190) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf" }, { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-711309.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98137233/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98271228/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28831" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-257-01" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-06" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/190.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "VULMON", "id": "CVE-2023-28831" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "VULMON", "id": "CVE-2023-28831" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-09-14T00:00:00", "db": "CNVD", "id": "CNVD-2023-69803" }, { "date": "2023-09-12T00:00:00", "db": "VULMON", "id": "CVE-2023-28831" }, { "date": "2023-12-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "date": "2023-09-12T10:15:27.230000", "db": "NVD", "id": "CVE-2023-28831" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2023-69803" }, { "date": "2023-09-12T00:00:00", "db": "VULMON", "id": "CVE-2023-28831" }, { "date": "2023-12-18T07:19:00", "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "date": "2024-02-13T09:15:43.637000", "db": "NVD", "id": "CVE-2023-28831" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Integer overflow vulnerability in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-012685" } ], "trust": 0.8 } }