All the vulnerabilites related to Siemens - SIMATIC S7-1500 Software Controller
var-201908-1838
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-1500 Software Controller (All versions >= V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC S7-PLCSIM Advanced (All versions >= V3.0). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device. plural SIMATIC The product contains an access control vulnerability.Information may be tampered with. The Simatic S7-1200 CPU and Simatic S7-1500 CPU series are discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries.
A man-in-the-middle attack vulnerability exists in the SIMATICS7-1200 and SIMATICS7-1500CPU families. A vulnerability has been identified in SIMATIC ET200SP (incl. No public exploitation of the vulnerability was known at the time of advisory publication. Both Siemens SIMATIC S7-1500 CPU and Siemens SIMATIC S7-1200 are products of Siemens, Germany. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (programmable logic controller). This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-1838", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "20.8" }, { "model": "simatic s7-1500 cpu 1518", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.8.1" }, { "model": "simatic s7-1500 cpu 1511c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.8.1" }, { "model": "simatic et 200sp open controller cpu 1515sp pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "simatic s7 plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "20.8" }, { "model": "simatic s7-1500 cpu 1512c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.8.1" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1214c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1215c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1217c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1512c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1518", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu family", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v4.0" }, { "model": "simatic et 200sp open controller cpu1515sp pc", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200sp open controller cpu 1515sp pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 cpu 1512c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 plcsim advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200sp open controller cpu 1515sp pc2", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1211c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1212c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1214c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1215c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1217c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 cpu 1518", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 cpu 1511c", "version": "*" } ], "sources": [ { "db": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca" }, { "db": "CNVD", "id": "CNVD-2019-27700" }, { "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "db": "NVD", "id": "CVE-2019-10943" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1211c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1212c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1214c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1215c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1217c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1511c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1512c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1518_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-008098" } ] }, "cve": "CVE-2019-10943", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2019-10943", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2019-27700", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "f259ba44-659c-4896-9e72-76a889fc2aca", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-142540", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2019-10943", "impactScore": 3.6, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-10943", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10943", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-10943", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-27700", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201908-899", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-142540", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca" }, { "db": "CNVD", "id": "CNVD-2019-27700" }, { "db": "VULHUB", "id": "VHN-142540" }, { "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "db": "CNNVD", "id": "CNNVD-201908-899" }, { "db": "NVD", "id": "CVE-2019-10943" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-1500 Software Controller (All versions \u003e= V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V3.0). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device. plural SIMATIC The product contains an access control vulnerability.Information may be tampered with. The Simatic S7-1200 CPU and Simatic S7-1500 CPU series are discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries. \n\nA man-in-the-middle attack vulnerability exists in the SIMATICS7-1200 and SIMATICS7-1500CPU families. A vulnerability has been identified in SIMATIC ET200SP (incl. No public exploitation of the vulnerability was known at the time of advisory publication. Both Siemens SIMATIC S7-1500 CPU and Siemens SIMATIC S7-1200 are products of Siemens, Germany. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (programmable logic controller). This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles", "sources": [ { "db": "NVD", "id": "CVE-2019-10943" }, { "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "db": "CNVD", "id": "CNVD-2019-27700" }, { "db": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca" }, { "db": "VULHUB", "id": "VHN-142540" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10943", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-232418", "trust": 2.3 }, { "db": "ICS CERT", "id": "ICSA-19-344-06", "trust": 1.4 }, { "db": "CNNVD", "id": "CNNVD-201908-899", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-27700", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-008098", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.4621", "trust": 0.6 }, { "db": "IVD", "id": "F259BA44-659C-4896-9E72-76A889FC2ACA", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142540", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca" }, { "db": "CNVD", "id": "CNVD-2019-27700" }, { "db": "VULHUB", "id": "VHN-142540" }, { "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "db": "CNNVD", "id": "CNNVD-201908-899" }, { "db": "NVD", "id": "CVE-2019-10943" } ] }, "id": "VAR-201908-1838", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca" }, { "db": "CNVD", "id": "CNVD-2019-27700" }, { "db": "VULHUB", "id": "VHN-142540" } ], "trust": 1.6184979955555554 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 }, { "category": [ "ICS" ], "sub_category": null, "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca" }, { "db": "CNVD", "id": "CNVD-2019-27700" } ] }, "last_update_date": "2024-11-23T22:33:46.868000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-232418", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "title": "Patch for SIMATICS7-1200 and SIMATICS7-1500CPU families permission access vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/175779" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-27700" }, { "db": "JVNDB", "id": "JVNDB-2019-008098" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-345", "trust": 1.1 }, { "problemtype": "CWE-353", "trust": 1.0 }, { "problemtype": "CWE-284", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142540" }, { "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "db": "NVD", "id": "CVE-2019-10943" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "trust": 1.4, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-06" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10943" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10943" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-two-vulnerabilities-30052" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4621/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-27700" }, { "db": "VULHUB", "id": "VHN-142540" }, { "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "db": "CNNVD", "id": "CNNVD-201908-899" }, { "db": "NVD", "id": "CVE-2019-10943" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca" }, { "db": "CNVD", "id": "CNVD-2019-27700" }, { "db": "VULHUB", "id": "VHN-142540" }, { "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "db": "CNNVD", "id": "CNNVD-201908-899" }, { "db": "NVD", "id": "CVE-2019-10943" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-15T00:00:00", "db": "IVD", "id": "f259ba44-659c-4896-9e72-76a889fc2aca" }, { "date": "2019-08-15T00:00:00", "db": "CNVD", "id": "CNVD-2019-27700" }, { "date": "2019-08-13T00:00:00", "db": "VULHUB", "id": "VHN-142540" }, { "date": "2019-08-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "date": "2019-08-13T00:00:00", "db": "CNNVD", "id": "CNNVD-201908-899" }, { "date": "2019-08-13T19:15:15.530000", "db": "NVD", "id": "CVE-2019-10943" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-30T00:00:00", "db": "CNVD", "id": "CNVD-2019-27700" }, { "date": "2020-10-02T00:00:00", "db": "VULHUB", "id": "VHN-142540" }, { "date": "2019-12-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-008098" }, { "date": "2022-08-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201908-899" }, { "date": "2024-11-21T04:20:12.313000", "db": "NVD", "id": "CVE-2019-10943" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-899" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Access control vulnerabilities in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-008098" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "data forgery", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-899" } ], "trust": 0.6 } }
var-202108-2236
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once. Multiple Siemens products contain fraudulent authentication vulnerabilities.Information may be obtained. Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 are the products of Germany Siemens (Siemens) company. The SIMATIC S7-1500 CPU is a CPU (Central Processing Unit) module. The SIMATIC S7-1500 is a programmable logic controller. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202108-2236", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "siplus cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu-1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1507d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1516pro-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1515-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1510sp-1pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1215c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "cpu 1515t-2 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1511tf-1pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1212c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "cpu 1217c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "cpu 1215fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "siplus cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu 1511f-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1517tf-3 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "siplus cpu 1512sp f-1pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1516tf-3 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1513pro f-2 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1515r-2 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1512sp-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1516t-3 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "siplus cpu 1512sp f-1pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "siplus cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1212fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "cpu 1515tf-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1511c-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1211c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "siplus cpu 1511-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2." }, { "model": "siplus cpu 1516-3 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1511-1pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.9" }, { "model": "cpu 1516-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1516pro f-2 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1517t-3 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1512sp f-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu1510sp f-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1513r-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1511t-1pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1214fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "cpu 1214c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "cpu 1512c-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "siplus cpu 1518f-4 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1517t-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1516pro f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "siplus cpu-1516f-3 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1510sp-1pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu 1512sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1516pro-2 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1518f-4 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7-1500 software controller", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7 plcsim advanced", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "siplus cpu 1512sp-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1517f-3 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1504d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7 plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "cpu 1515t-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1515sp pc2 tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.9" }, { "model": "cpu 1511tf-1pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1513f-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1516f-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "siplus cpu 1513-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "siplus cpu 1513f-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1511f-1pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu 1510sp f-1pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1511f-1pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1517tf-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu 1510sp f-1pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1513pro f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1515r-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1512sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1516t-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1515tf-2 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1518-4 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1511-1pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1511c-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "siplus cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1516tf-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1512c-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1517-3 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1513-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1512sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1513r-1 pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu 1511t-1pn", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "cpu1510sp f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "cpu 1515f-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "siplus cpu 1518-4 pn\\/dp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "tim 1531 irc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "cpu 1504d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "cpu 1507d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.2" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7 plcsim advanced", "scope": "gt", "trust": 0.6, "vendor": "siemens", "version": "v2,\u003cv4" }, { "model": "simatic s7-1200 cpu family", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v4.4" }, { "model": "simatic s7-1500 cpu family", "scope": "gt", "trust": 0.6, "vendor": "siemens", "version": "v2.5,\u003cv2.9.2" }, { "model": "simatic s7-1500 software controller", "scope": "gt", "trust": 0.6, "vendor": "siemens", "version": "v2.5" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531v2.1" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-61122" }, { "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "db": "NVD", "id": "CVE-2020-28397" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202108-879" } ], "trust": 0.6 }, "cve": "CVE-2020-28397", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2020-28397", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2021-61122", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 3.9, "id": "CVE-2020-28397", "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.3, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2020-28397", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-28397", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2020-28397", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2021-61122", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202108-879", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2020-28397", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-61122" }, { "db": "VULMON", "id": "CVE-2020-28397" }, { "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202108-879" }, { "db": "NVD", "id": "CVE-2020-28397" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7 PLCSIM Advanced (All versions \u003e V2 \u003c V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e V2.5 \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003e V2.5 \u003c V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once. Multiple Siemens products contain fraudulent authentication vulnerabilities.Information may be obtained. Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 are the products of Germany Siemens (Siemens) company. The SIMATIC S7-1500 CPU is a CPU (Central Processing Unit) module. The SIMATIC S7-1500 is a programmable logic controller. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", "sources": [ { "db": "NVD", "id": "CVE-2020-28397" }, { "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "db": "CNVD", "id": "CNVD-2021-61122" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "VULMON", "id": "CVE-2020-28397" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-28397", "trust": 3.9 }, { "db": "SIEMENS", "id": "SSA-865327", "trust": 2.3 }, { "db": "JVNDB", "id": "JVNDB-2021-010547", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2021-61122", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021041363", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-257-23", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021081110", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202108-879", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-28397", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-61122" }, { "db": "VULMON", "id": "CVE-2020-28397" }, { "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202108-879" }, { "db": "NVD", "id": "CVE-2020-28397" } ] }, "id": "VAR-202108-2236", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2021-61122" } ], "trust": 1.4032859711111112 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-61122" } ] }, "last_update_date": "2024-08-14T12:40:19.181000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-865327", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf" }, { "title": "Patch for Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Improper Authorization Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/285461" }, { "title": "Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Remediation measures for authorization problem vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159714" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9cd5926ec23281f7dbb4df33b5aa9ff5" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-61122" }, { "db": "VULMON", "id": "CVE-2020-28397" }, { "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "db": "CNNVD", "id": "CNNVD-202108-879" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-863", "trust": 1.0 }, { "problemtype": "Illegal authentication (CWE-863) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "db": "NVD", "id": "CVE-2020-28397" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28397" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-257-23" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-information-disclosure-via-incorrect-authorization-check-36091" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021081110" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/863.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://cert-portal.siemens.com/productcert/txt/ssa-865327.txt" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-61122" }, { "db": "VULMON", "id": "CVE-2020-28397" }, { "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202108-879" }, { "db": "NVD", "id": "CVE-2020-28397" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2021-61122" }, { "db": "VULMON", "id": "CVE-2020-28397" }, { "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202108-879" }, { "db": "NVD", "id": "CVE-2020-28397" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-08-11T00:00:00", "db": "CNVD", "id": "CNVD-2021-61122" }, { "date": "2021-08-10T00:00:00", "db": "VULMON", "id": "CVE-2020-28397" }, { "date": "2022-07-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "date": "2021-04-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-08-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202108-879" }, { "date": "2021-08-10T11:15:07.423000", "db": "NVD", "id": "CVE-2020-28397" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-01-18T00:00:00", "db": "CNVD", "id": "CNVD-2021-61122" }, { "date": "2021-08-20T00:00:00", "db": "VULMON", "id": "CVE-2020-28397" }, { "date": "2022-07-05T02:10:00", "db": "JVNDB", "id": "JVNDB-2021-010547" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-09-15T00:00:00", "db": "CNNVD", "id": "CNNVD-202108-879" }, { "date": "2021-12-10T19:57:38.487000", "db": "NVD", "id": "CVE-2020-28397" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202108-879" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Fraudulent authentication vulnerabilities in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-010547" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-975" } ], "trust": 0.6 } }
var-202212-1313
Vulnerability from variot
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to input validation.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network.
A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1313", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 15prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 317-2 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1508s f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1508s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 151511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 151511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1543sp-1 isec", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic s7-1500 cpu 15pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1543sp-1 isec tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1542sp-1 irc tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus s7-1200 cp 1243-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 314", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "siplus s7-300 cpu 315-2 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1507s f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1507s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 315-2 dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1" }, { "model": "simatic s7-1200 cpu family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v4.6.0" }, { "model": "simatic s7-1500 cpu family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v5.0" }, { "model": "siplus tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87985" }, { "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "db": "NVD", "id": "CVE-2021-40365" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gao Jian reported these vulnerabilities to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2986" } ], "trust": 0.6 }, "cve": "CVE-2021-40365", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2022-87985", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2021-40365", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2021-020594", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2021-40365", "trust": 1.0, "value": "HIGH" }, { "author": "nvd@nist.gov", "id": "CVE-2021-40365", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2021-020594", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2022-87985", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202212-2986", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87985" }, { "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "db": "CNNVD", "id": "CNNVD-202212-2986" }, { "db": "NVD", "id": "CVE-2021-40365" }, { "db": "NVD", "id": "CVE-2021-40365" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to input validation.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. \n\r\n\r\nA denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device", "sources": [ { "db": "NVD", "id": "CVE-2021-40365" }, { "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "db": "CNVD", "id": "CNVD-2022-87985" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-40365", "trust": 3.8 }, { "db": "SIEMENS", "id": "SSA-382653", "trust": 3.0 }, { "db": "ICS CERT", "id": "ICSA-22-349-03", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU91561630", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2021-020594", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-87985", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202212-2986", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87985" }, { "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "db": "CNNVD", "id": "CNNVD-202212-2986" }, { "db": "NVD", "id": "CVE-2021-40365" } ] }, "id": "VAR-202212-1313", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-87985" } ], "trust": 1.306162763125 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87985" } ] }, "last_update_date": "2024-08-14T12:16:09.047000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens Industrial Product Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/372391" }, { "title": "Siemens SIMATIC Drive Controller Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=232929" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87985" }, { "db": "CNNVD", "id": "CNNVD-202212-2986" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 1.0 }, { "problemtype": "Inappropriate input confirmation (CWE-20) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "db": "NVD", "id": "CVE-2021-40365" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91561630/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40365" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03" }, { "trust": 0.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-382653.html" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2021-40365/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87985" }, { "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "db": "CNNVD", "id": "CNNVD-202212-2986" }, { "db": "NVD", "id": "CVE-2021-40365" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-87985" }, { "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "db": "CNNVD", "id": "CNNVD-202212-2986" }, { "db": "NVD", "id": "CVE-2021-40365" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-16T00:00:00", "db": "CNVD", "id": "CNVD-2022-87985" }, { "date": "2023-11-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "date": "2022-12-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202212-2986" }, { "date": "2022-12-13T16:15:14.650000", "db": "NVD", "id": "CVE-2021-40365" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-16T00:00:00", "db": "CNVD", "id": "CNVD-2022-87985" }, { "date": "2023-11-29T01:35:00", "db": "JVNDB", "id": "JVNDB-2021-020594" }, { "date": "2023-07-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202212-2986" }, { "date": "2023-09-12T10:15:08.130000", "db": "NVD", "id": "CVE-2021-40365" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2986" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation vulnerability in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-020594" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2986" } ], "trust": 0.6 } }
var-201908-1835
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices. plural SIMATIC The product contains an access control vulnerability.Information may be tampered with. The Simatic S7-1200 CPU and Simatic S7-1500 CPU series are discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries. A man-in-the-middle attack vulnerability exists in the SIMATICS7-1200 and SIMATICS7-1500CPU families. The vulnerability could impact the integrity of the communication. No public exploitation of the vulnerability was known at the time of advisory publication. Both Siemens SIMATIC S7-1500 CPU and Siemens SIMATIC S7-1200 are products of Siemens, Germany. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (programmable logic controller). This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-1835", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1200 cpu 1212c", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic cp 1626", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi panel", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200sp open controller cpu 1515sp pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1512c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1511c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic net pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic wincc open architecture", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "3.15" }, { "model": "simatic s7-1500 cpu 1518", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic tim 1531 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic wincc open architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.16" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1214c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1215c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1217c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1512c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1518", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu family", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v4.0" }, { "model": "simatic et 200sp open controller cpu1515sp pc", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200sp open controller cpu 1515sp pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 cpu 1512c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 plcsim advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200sp open controller cpu 1515sp pc2", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1211c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1212c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1214c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1215c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200 cpu 1217c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 cpu 1518", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 cpu 1511c", "version": "*" } ], "sources": [ { "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "db": "CNVD", "id": "CNVD-2019-27647" }, { "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "db": "NVD", "id": "CVE-2019-10929" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1211c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1212c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1214c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1215c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1217c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1511c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1512c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1518_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-008096" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Eli Biham, Sara Bitan, and Alon Dankner from Faculty of Computer Science, Technion Haifa, reported this vulnerability to Siemens., Aviad Carmel", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-895" } ], "trust": 0.6 }, "cve": "CVE-2019-10929", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2019-10929", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "exploitabilityScore": 4.9, "id": "CNVD-2019-27647", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 0.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "exploitabilityScore": 4.9, "id": "dd013399-7645-48ff-9360-e9388bbf86bb", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 0.2, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-142524", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.2, "id": "CVE-2019-10929", "impactScore": 3.6, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, { "attackComplexity": "High", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.9, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-10929", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10929", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2019-10929", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2019-27647", "trust": 0.6, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-201908-895", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-142524", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2019-10929", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "db": "CNVD", "id": "CNVD-2019-27647" }, { "db": "VULHUB", "id": "VHN-142524" }, { "db": "VULMON", "id": "CVE-2019-10929" }, { "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "db": "CNNVD", "id": "CNNVD-201908-895" }, { "db": "NVD", "id": "CVE-2019-10929" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices. plural SIMATIC The product contains an access control vulnerability.Information may be tampered with. The Simatic S7-1200 CPU and Simatic S7-1500 CPU series are discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries. A man-in-the-middle attack vulnerability exists in the SIMATICS7-1200 and SIMATICS7-1500CPU families. The vulnerability could impact the integrity of the communication. No public exploitation of the vulnerability was known at the time of advisory publication. Both Siemens SIMATIC S7-1500 CPU and Siemens SIMATIC S7-1200 are products of Siemens, Germany. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (programmable logic controller). This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles", "sources": [ { "db": "NVD", "id": "CVE-2019-10929" }, { "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "db": "CNVD", "id": "CNVD-2019-27647" }, { "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "db": "VULHUB", "id": "VHN-142524" }, { "db": "VULMON", "id": "CVE-2019-10929" } ], "trust": 2.52 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10929", "trust": 3.4 }, { "db": "ICS CERT", "id": "ICSA-19-344-04", "trust": 2.6 }, { "db": "SIEMENS", "id": "SSA-232418", "trust": 2.4 }, { "db": "SIEMENS", "id": "SSA-273799", "trust": 1.8 }, { "db": "CNNVD", "id": "CNNVD-201908-895", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-27647", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-19-344-06", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-008096", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.4623", "trust": 0.6 }, { "db": "IVD", "id": "DD013399-7645-48FF-9360-E9388BBF86BB", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142524", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-10929", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "db": "CNVD", "id": "CNVD-2019-27647" }, { "db": "VULHUB", "id": "VHN-142524" }, { "db": "VULMON", "id": "CVE-2019-10929" }, { "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "db": "CNNVD", "id": "CNNVD-201908-895" }, { "db": "NVD", "id": "CVE-2019-10929" } ] }, "id": "VAR-201908-1835", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "db": "CNVD", "id": "CNVD-2019-27647" }, { "db": "VULHUB", "id": "VHN-142524" } ], "trust": 1.592972417272727 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 }, { "category": [ "ICS" ], "sub_category": null, "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "db": "CNVD", "id": "CNVD-2019-27647" } ] }, "last_update_date": "2024-11-23T22:33:46.904000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-232418", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "title": "Patch for SIMATICS7-1200 and SIMATICS7-1500CPU families man-in-the-middle attack vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/175015" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7a126d1ac7ee4b775c023b2d29df4c13" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=5ddd1615249b07f58d59e46a99a2022a" }, { "title": "", "trust": 0.1, "url": "https://github.com/Esamgold/SIEMENS-S7-PLCs-attacks " } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-27647" }, { "db": "VULMON", "id": "CVE-2019-10929" }, { "db": "JVNDB", "id": "JVNDB-2019-008096" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-327", "trust": 1.0 }, { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-284", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142524" }, { "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "db": "NVD", "id": "CVE-2019-10929" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.2, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04" }, { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10929" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10929" }, { "trust": 0.8, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-06" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-344-04" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-man-in-the-middle-via-102-tcp-31129" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-two-vulnerabilities-30052" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4623/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/327.html" }, { "trust": 0.1, "url": "https://github.com/esamgold/siemens-s7-plcs-attacks" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-19-344-04" }, { "trust": 0.1, "url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111167" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-27647" }, { "db": "VULHUB", "id": "VHN-142524" }, { "db": "VULMON", "id": "CVE-2019-10929" }, { "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "db": "CNNVD", "id": "CNNVD-201908-895" }, { "db": "NVD", "id": "CVE-2019-10929" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "db": "CNVD", "id": "CNVD-2019-27647" }, { "db": "VULHUB", "id": "VHN-142524" }, { "db": "VULMON", "id": "CVE-2019-10929" }, { "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "db": "CNNVD", "id": "CNNVD-201908-895" }, { "db": "NVD", "id": "CVE-2019-10929" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-15T00:00:00", "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "date": "2019-08-14T00:00:00", "db": "CNVD", "id": "CNVD-2019-27647" }, { "date": "2019-08-13T00:00:00", "db": "VULHUB", "id": "VHN-142524" }, { "date": "2019-08-13T00:00:00", "db": "VULMON", "id": "CVE-2019-10929" }, { "date": "2019-08-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "date": "2019-08-13T00:00:00", "db": "CNNVD", "id": "CNNVD-201908-895" }, { "date": "2019-08-13T19:15:14.860000", "db": "NVD", "id": "CVE-2019-10929" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-15T00:00:00", "db": "CNVD", "id": "CNVD-2019-27647" }, { "date": "2020-10-02T00:00:00", "db": "VULHUB", "id": "VHN-142524" }, { "date": "2022-08-10T00:00:00", "db": "VULMON", "id": "CVE-2019-10929" }, { "date": "2019-12-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-008096" }, { "date": "2022-08-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201908-895" }, { "date": "2024-11-21T04:20:10.487000", "db": "NVD", "id": "CVE-2019-10929" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-895" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATICS7-1200 and SIMATICS7-1500CPU families Man-in-the-middle attack vulnerability", "sources": [ { "db": "IVD", "id": "dd013399-7645-48ff-9360-e9388bbf86bb" }, { "db": "CNVD", "id": "CNVD-2019-27647" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "encryption problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-895" } ], "trust": 0.6 } }
var-202309-0636
Vulnerability from variot
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. simatic cloud connect 7 cc712 firmware, simatic cloud connect 7 cc716 firmware, SIMATIC Drive Controller CPU 1504D TF Multiple Siemens products, including firmware, contain an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state. SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices to interface with OPC UA servers as OPC UA clients. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functions of the SIMATIC S7-1500 CPU and the SINAMICS S120 drive control. The SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller and includes optional visualization combined with central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 ODK CPUs offer the functionality of a standard S7-1500 CPU, but also offer the possibility to run C/C++ code within the CPU runtime to execute your own functions/algorithms implemented in C/C++. They are designed for discrete and continuous control in industrial environments such as the manufacturing, food and beverage, and chemical industries around the world. SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments.
Siemens SIMATIC product ANSI C OPC UA SDK has a denial of service vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202309-0636", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "siplus s7-1500 cpu pn", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "1511-1\u003cv2.9.7" }, { "model": "simatic s7-1500 cpu pn", "scope": "eq", "trust": 1.2, "vendor": "siemens", "version": "1511-1\u003cv2.9.7" }, { "model": "simatic s7-1500 cpu 1511c-1 pn", "scope": "lt", "trust": 1.2, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.2, "vendor": "siemens", "version": "v2.9.7" }, { "model": "siplus s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1511-1 pn tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1512c-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1200 cpu", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1518hf-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1516-3 pn\\/dp rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518hf-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu s7-1518-4 pn\\/dp odk", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518t-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus et 200sp cpu 1510sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1516t-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1514spt f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1511-1 pn t1 rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic cloud connect 7 cc716", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic et 200sp open controller cpu", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1516tf-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1515tf-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus et 200sp cpu 1512sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1515r-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518tf-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1515r-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1514spt-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1512sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1516-3 pn\\/dp tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1511tf-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic cloud connect 7 cc712", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.9.7" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1516f-3 pn\\/dp rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1513r-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1515f-2 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.9.7" }, { "model": "simatic s7-1500 cpu 1517tf-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1515r-2 pn tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1514sp-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus et 200sp cpu 1512sp f-1 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1511c-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "30.0.0" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1517h-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 et 200pro", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu s7-1518f-4 pn\\/dp odk", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1517t-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1515t-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus s7-1500 cpu 1515f-2 pn t2 rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus et 200sp cpu 1510sp-1 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1512sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus et 200sp cpu 1512sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1517h-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1514sp f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.3" }, { "model": "siplus et 200sp cpu 1512sp-1 pn rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7 1500 cpu 1513-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1514sp-2 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512sp-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1513r-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200sp open controller cpu", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cloud connect 7 cc712", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512sp f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511tf-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cloud connect 7 cc716", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511c-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1504d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1507d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512c-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cloud connect cc712", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv2.2" }, { "model": "simatic cloud connect cc716", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv2.2" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1,\u003cv3.0.3" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1,\u003cv3.0.3" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v21.9.7" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" }, { "model": "simatic s7-1500 cpu pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1511-1\u003cv3.0.3" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v2\u003cv21.9.7" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v3" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn rail", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "siplus et 200sp cpu 1510sp-1 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.7" }, { "model": "siplus s7-1500 cpu 1518hf-4 pn", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.3" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "cve": "CVE-2023-28831", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2023-69803", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2023-28831", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2023-012685", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2023-28831", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2023-012685", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2023-69803", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. \r\n\r\nThis could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. simatic cloud connect 7 cc712 firmware, simatic cloud connect 7 cc716 firmware, SIMATIC Drive Controller CPU 1504D TF Multiple Siemens products, including firmware, contain an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state. SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices to interface with OPC UA servers as OPC UA clients. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functions of the SIMATIC S7-1500 CPU and the SINAMICS S120 drive control. The SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller and includes optional visualization combined with central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 ODK CPUs offer the functionality of a standard S7-1500 CPU, but also offer the possibility to run C/C++ code within the CPU runtime to execute your own functions/algorithms implemented in C/C++. They are designed for discrete and continuous control in industrial environments such as the manufacturing, food and beverage, and chemical industries around the world. SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. \n\r\n\r\nSiemens SIMATIC product ANSI C OPC UA SDK has a denial of service vulnerability", "sources": [ { "db": "NVD", "id": "CVE-2023-28831" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "VULMON", "id": "CVE-2023-28831" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-28831", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-711309", "trust": 2.5 }, { "db": "SIEMENS", "id": "SSA-118850", "trust": 1.8 }, { "db": "JVN", "id": "JVNVU98271228", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU98137233", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-257-01", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-348-06", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-012685", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2023-69803", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-28831", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "VULMON", "id": "CVE-2023-28831" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "id": "VAR-202309-0636", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" } ], "trust": 1.2659901543749998 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" } ] }, "last_update_date": "2024-08-14T12:54:16.917000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SIMATIC product ANSI C OPC UA SDK denial of service vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/460891" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-190", "trust": 1.0 }, { "problemtype": "Integer overflow or wraparound (CWE-190) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf" }, { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-711309.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98137233/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98271228/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28831" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-257-01" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-06" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/190.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "VULMON", "id": "CVE-2023-28831" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2023-69803" }, { "db": "VULMON", "id": "CVE-2023-28831" }, { "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "db": "NVD", "id": "CVE-2023-28831" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-09-14T00:00:00", "db": "CNVD", "id": "CNVD-2023-69803" }, { "date": "2023-09-12T00:00:00", "db": "VULMON", "id": "CVE-2023-28831" }, { "date": "2023-12-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "date": "2023-09-12T10:15:27.230000", "db": "NVD", "id": "CVE-2023-28831" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-09-15T00:00:00", "db": "CNVD", "id": "CNVD-2023-69803" }, { "date": "2023-09-12T00:00:00", "db": "VULMON", "id": "CVE-2023-28831" }, { "date": "2023-12-18T07:19:00", "db": "JVNDB", "id": "JVNDB-2023-012685" }, { "date": "2024-02-13T09:15:43.637000", "db": "NVD", "id": "CVE-2023-28831" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Integer overflow vulnerability in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-012685" } ], "trust": 0.8 } }
var-202202-0371
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module.
Several Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0371", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 1516t-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1211c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "tim 1531 irc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "s7 1200 cpu 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1504d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "s7 1200 cpu 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1507d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "tim 1531 irc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.4" }, { "model": "simatic s7-1200 cpu family", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v4.5.0\u003cv4.5.2" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531\u003e=v2.2" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10004" }, { "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "db": "NVD", "id": "CVE-2021-37185" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gao Jian assisted the coordinated disclosure of these vulnerabilities with Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-551" } ], "trust": 0.6 }, "cve": "CVE-2021-37185", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2021-37185", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2022-10004", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2021-37185", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2022-005066", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-37185", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2021-37185", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2021-37185", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2022-10004", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202202-551", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10004" }, { "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "db": "CNNVD", "id": "CNNVD-202202-551" }, { "db": "NVD", "id": "CVE-2021-37185" }, { "db": "NVD", "id": "CVE-2021-37185" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module. \n\r\n\r\nSeveral Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs", "sources": [ { "db": "NVD", "id": "CVE-2021-37185" }, { "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "db": "CNVD", "id": "CNVD-2022-10004" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-37185", "trust": 3.8 }, { "db": "SIEMENS", "id": "SSA-838121", "trust": 2.2 }, { "db": "ICS CERT", "id": "ICSA-22-041-01", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU98748974", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-005066", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-10004", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022021105", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0605", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202202-551", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10004" }, { "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "db": "CNNVD", "id": "CNNVD-202202-551" }, { "db": "NVD", "id": "CVE-2021-37185" } ] }, "id": "VAR-202202-0371", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-10004" } ], "trust": 1.3236410799999998 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10004" } ] }, "last_update_date": "2024-08-14T13:01:52.807000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-838121", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" }, { "title": "Patch for Denial of Service Vulnerabilities in Multiple Siemens Industrial Products", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/318426" }, { "title": "Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=181690" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10004" }, { "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "db": "CNNVD", "id": "CNNVD-202202-551" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-672", "trust": 1.0 }, { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "db": "NVD", "id": "CVE-2021-37185" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-37185" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98748974/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-prepared-packets-37484" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0605" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021105" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-01" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10004" }, { "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "db": "CNNVD", "id": "CNNVD-202202-551" }, { "db": "NVD", "id": "CVE-2021-37185" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-10004" }, { "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "db": "CNNVD", "id": "CNNVD-202202-551" }, { "db": "NVD", "id": "CVE-2021-37185" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10004" }, { "date": "2023-05-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "date": "2022-02-08T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-551" }, { "date": "2022-02-09T16:15:12.823000", "db": "NVD", "id": "CVE-2021-37185" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10004" }, { "date": "2023-05-16T08:28:00", "db": "JVNDB", "id": "JVNDB-2022-005066" }, { "date": "2023-04-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-551" }, { "date": "2023-04-11T10:15:09.550000", "db": "NVD", "id": "CVE-2021-37185" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-551" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerabilities in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-005066" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-551" } ], "trust": 0.6 } }
var-202212-1314
Vulnerability from variot
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to syntactic validation of input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network.
A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1314", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 15prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 317-2 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1508s f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1508s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 151511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 151511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1543sp-1 isec", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic s7-1500 cpu 15pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1543sp-1 isec tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1542sp-1 irc tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus s7-1200 cp 1243-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 314", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "siplus s7-300 cpu 315-2 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1507s f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1507s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 315-2 dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1" }, { "model": "simatic s7-1200 cpu family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v4.6.0" }, { "model": "simatic s7-1500 cpu family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v5.0" }, { "model": "siplus tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87982" }, { "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "db": "NVD", "id": "CVE-2021-44695" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gao Jian reported these vulnerabilities to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2987" } ], "trust": 0.6 }, "cve": "CVE-2021-44695", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2022-87982", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.2, "id": "CVE-2021-44695", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2021-44695", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 4.9, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2021-020591", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2021-44695", "trust": 1.0, "value": "MEDIUM" }, { "author": "nvd@nist.gov", "id": "CVE-2021-44695", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2021-020591", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2022-87982", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202212-2987", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87982" }, { "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "db": "CNNVD", "id": "CNNVD-202212-2987" }, { "db": "NVD", "id": "CVE-2021-44695" }, { "db": "NVD", "id": "CVE-2021-44695" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to syntactic validation of input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. \n\r\n\r\nA denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device", "sources": [ { "db": "NVD", "id": "CVE-2021-44695" }, { "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "db": "CNVD", "id": "CNVD-2022-87982" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-44695", "trust": 3.8 }, { "db": "SIEMENS", "id": "SSA-382653", "trust": 3.0 }, { "db": "ICS CERT", "id": "ICSA-22-349-03", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU91561630", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2021-020591", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-87982", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202212-2987", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87982" }, { "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "db": "CNNVD", "id": "CNNVD-202212-2987" }, { "db": "NVD", "id": "CVE-2021-44695" } ] }, "id": "VAR-202212-1314", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-87982" } ], "trust": 1.306162763125 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87982" } ] }, "last_update_date": "2024-08-14T12:09:38.559000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87982)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/372486" }, { "title": "Siemens SIMATIC Drive Controller Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245496" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87982" }, { "db": "CNNVD", "id": "CNNVD-202212-2987" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-1286", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 1.0 }, { "problemtype": "Improper validation of syntactic correctness of input (CWE-1286) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "db": "NVD", "id": "CVE-2021-44695" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91561630/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44695" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03" }, { "trust": 0.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-382653.html" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2021-44695/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87982" }, { "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "db": "CNNVD", "id": "CNNVD-202212-2987" }, { "db": "NVD", "id": "CVE-2021-44695" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-87982" }, { "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "db": "CNNVD", "id": "CNNVD-202212-2987" }, { "db": "NVD", "id": "CVE-2021-44695" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-16T00:00:00", "db": "CNVD", "id": "CNVD-2022-87982" }, { "date": "2023-11-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "date": "2022-12-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202212-2987" }, { "date": "2022-12-13T16:15:14.907000", "db": "NVD", "id": "CVE-2021-44695" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-16T00:00:00", "db": "CNVD", "id": "CNVD-2022-87982" }, { "date": "2023-11-29T01:29:00", "db": "JVNDB", "id": "JVNDB-2021-020591" }, { "date": "2023-07-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202212-2987" }, { "date": "2023-09-12T10:15:14.650000", "db": "NVD", "id": "CVE-2021-44695" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2987" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input syntactic validity validation vulnerability in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-020591" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2987" } ], "trust": 0.6 } }
var-202006-1828
Vulnerability from variot
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1828", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs neo", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic prosave", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic automatic tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc runtime professional", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics starter commissioning tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc open architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.17" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic net pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic step 7", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "sinec network management system", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "sinema server", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "sinamics startdrive", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik one virtual", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik operate", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc open architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.16" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.8" }, { "model": "simatic step 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic automation tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs neo", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic prosave", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic step 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc oa", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_automation_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_neo", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_prosave", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_open_architecture", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Ander Martinez of Titanium Industrial Security and INCIBE reported this vulnerability to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 }, "cve": "CVE-2020-7580", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CVE-2020-7580", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.1, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.2, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "JVNDB-2020-006496", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "VHN-185705", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.8, "id": "CVE-2020-7580", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.7, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-006496", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-7580", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "JVNDB-2020-006496", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202006-636", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-185705", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-7580", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products", "sources": [ { "db": "NVD", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-7580", "trust": 2.6 }, { "db": "ICS CERT", "id": "ICSA-20-161-04", "trust": 2.6 }, { "db": "SIEMENS", "id": "SSA-312271", "trust": 1.8 }, { "db": "JVN", "id": "JVNVU97501786", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-006496", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202006-636", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.2015", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-185705", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2020-7580", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "id": "VAR-202006-1828", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-185705" } ], "trust": 0.6991104690909089 }, "last_update_date": "2024-11-23T20:22:32.187000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-312271:Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf" }, { "title": "Multiple Siemens Product code issue vulnerability fixes", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=121186" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9c51f352314e5a42566d9203d2f1e0a2" } ], "sources": [ { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-428", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.2, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7580" }, { "trust": 1.2, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-04" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7580" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu97501786/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-code-execution-via-windows-exe-extension-32489" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2015/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/428.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-161-04" } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-06-10T00:00:00", "db": "VULHUB", "id": "VHN-185705" }, { "date": "2020-06-10T00:00:00", "db": "VULMON", "id": "CVE-2020-7580" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "date": "2020-06-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-636" }, { "date": "2020-06-10T17:15:12.347000", "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-13T00:00:00", "db": "VULHUB", "id": "VHN-185705" }, { "date": "2022-04-12T00:00:00", "db": "VULMON", "id": "CVE-2020-7580" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "date": "2022-12-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-636" }, { "date": "2024-11-21T05:37:24.840000", "db": "NVD", "id": "CVE-2020-7580" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerabilities in unquoted search paths or elements in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 } }
var-202105-0073
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks. Multiple Siemens products contain buffer error vulnerabilities.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Siemens SIMATIC S7-1200 and S7-1500 CPU series products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries.
The Siemens SIMATIC S7-1200 and S7-1500 CPU series have security vulnerabilities. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202105-0073", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "s7-1200 cpu", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "s7-1500 cpu", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic driver controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "et 200sp open controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200sp open controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic driver controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.2" }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.2" }, { "model": "simatic s7-1200 cpu family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v4.5.0" }, { "model": "simatic et 200sp open controller cpu 1515sp pc", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-37944" }, { "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "db": "NVD", "id": "CVE-2020-15782" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Tal Keren from Claroty reported this vulnerability to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202105-1957" } ], "trust": 0.6 }, "cve": "CVE-2020-15782", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2020-15782", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "CNVD-2021-37944", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2020-15782", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2020-15782", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-15782", "trust": 1.0, "value": "CRITICAL" }, { "author": "NVD", "id": "CVE-2020-15782", "trust": 0.8, "value": "Critical" }, { "author": "CNVD", "id": "CNVD-2021-37944", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202105-1957", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULMON", "id": "CVE-2020-15782", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-37944" }, { "db": "VULMON", "id": "CVE-2020-15782" }, { "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202105-1957" }, { "db": "NVD", "id": "CVE-2020-15782" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions \u003c V6.15), SINUMERIK ONE (All versions \u003c V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks. Multiple Siemens products contain buffer error vulnerabilities.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Siemens SIMATIC S7-1200 and S7-1500 CPU series products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. \n\r\n\r\nThe Siemens SIMATIC S7-1200 and S7-1500 CPU series have security vulnerabilities. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", "sources": [ { "db": "NVD", "id": "CVE-2020-15782" }, { "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "db": "CNVD", "id": "CNVD-2021-37944" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "VULMON", "id": "CVE-2020-15782" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-15782", "trust": 3.9 }, { "db": "SIEMENS", "id": "SSA-434534", "trust": 2.3 }, { "db": "SIEMENS", "id": "SSA-434535", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-434536", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2021-007649", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2021-37944", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021041363", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-152-01", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-194-17", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021071418", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021053102", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.1900", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202105-1957", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-15782", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-37944" }, { "db": "VULMON", "id": "CVE-2020-15782" }, { "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202105-1957" }, { "db": "NVD", "id": "CVE-2020-15782" } ] }, "id": "VAR-202105-0073", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2021-37944" } ], "trust": 1.3643837300000001 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-37944" } ] }, "last_update_date": "2024-08-14T12:10:27.092000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-434536", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf" }, { "title": "Patch for Siemens SIMATIC S7-1200 and S7-1500 CPU series memory protection bypass vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/269101" }, { "title": "Siemens SIMATIC Repair measures for buffer errors and vulnerabilities in many products", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=153864" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7584f4eb43b539d25d824fb015a2cf5a" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=a901d703a0d80e4b3488817a077f83d4" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=616f1ddfa275fcc72669b5a7b8153f51" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-37944" }, { "db": "VULMON", "id": "CVE-2020-15782" }, { "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "db": "CNNVD", "id": "CNNVD-202105-1957" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.0 }, { "problemtype": "Buffer error (CWE-119) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "db": "NVD", "id": "CVE-2020-15782" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-15782" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-152-01" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021071418" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021053102" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-17" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-read-write-access-via-memory-protection-bypass-35564" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.1900" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://cert-portal.siemens.com/productcert/txt/ssa-434534.txt" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-37944" }, { "db": "VULMON", "id": "CVE-2020-15782" }, { "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202105-1957" }, { "db": "NVD", "id": "CVE-2020-15782" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2021-37944" }, { "db": "VULMON", "id": "CVE-2020-15782" }, { "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202105-1957" }, { "db": "NVD", "id": "CVE-2020-15782" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-05-31T00:00:00", "db": "CNVD", "id": "CNVD-2021-37944" }, { "date": "2021-05-28T00:00:00", "db": "VULMON", "id": "CVE-2020-15782" }, { "date": "2022-02-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "date": "2021-04-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-05-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202105-1957" }, { "date": "2021-05-28T16:15:07.790000", "db": "NVD", "id": "CVE-2020-15782" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-05-31T00:00:00", "db": "CNVD", "id": "CNVD-2021-37944" }, { "date": "2021-07-13T00:00:00", "db": "VULMON", "id": "CVE-2020-15782" }, { "date": "2022-02-18T09:00:00", "db": "JVNDB", "id": "JVNDB-2021-007649" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-09-15T00:00:00", "db": "CNNVD", "id": "CNNVD-202105-1957" }, { "date": "2021-09-14T11:15:16.220000", "db": "NVD", "id": "CVE-2020-15782" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202105-1957" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer error vulnerabilities in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-007649" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-975" } ], "trust": 0.6 } }
var-202410-0098
Vulnerability from variot
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functionality of a SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller including optional visualization as well as central I/O in a compact device. SIMATIC S7-1500 CPUs are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 MFP CPUs offer the functionality of standard S7-1500 CPUs with the ability to run C/C++ code in the CPU runtime to execute your own functions/algorithms implemented in C/C++. SIMATIC S7-1500 Software Controller is a SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to emulate PLCs, even in virtualized environments
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0098", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.1.4" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40034" } ] }, "cve": "CVE-2024-46887", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2024-40034", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 3.9, "id": "CVE-2024-46887", "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2024-46887", "trust": 1.0, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2024-40034", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40034" }, { "db": "NVD", "id": "CVE-2024-46887" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The web server of affected devices do not properly authenticate user request to the \u0027/ClientArea/RuntimeInfoData.mwsl\u0027 endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functionality of a SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller including optional visualization as well as central I/O in a compact device. SIMATIC S7-1500 CPUs are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 MFP CPUs offer the functionality of standard S7-1500 CPUs with the ability to run C/C++ code in the CPU runtime to execute your own functions/algorithms implemented in C/C++. SIMATIC S7-1500 Software Controller is a SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to emulate PLCs, even in virtualized environments", "sources": [ { "db": "NVD", "id": "CVE-2024-46887" }, { "db": "CNVD", "id": "CNVD-2024-40034" } ], "trust": 1.44 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "SIEMENS", "id": "SSA-054046", "trust": 1.6 }, { "db": "NVD", "id": "CVE-2024-46887", "trust": 1.6 }, { "db": "CNVD", "id": "CNVD-2024-40034", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40034" }, { "db": "NVD", "id": "CVE-2024-46887" } ] }, "id": "VAR-202410-0098", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-40034" } ], "trust": 1.4016123719999998 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40034" } ] }, "last_update_date": "2024-10-18T04:03:35.045000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens products have authentication bypass vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/598531" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40034" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-288", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2024-46887" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-054046.html" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40034" }, { "db": "NVD", "id": "CVE-2024-46887" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-40034" }, { "db": "NVD", "id": "CVE-2024-46887" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-10-10T00:00:00", "db": "CNVD", "id": "CNVD-2024-40034" }, { "date": "2024-10-08T09:15:16.447000", "db": "NVD", "id": "CVE-2024-46887" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-10-10T00:00:00", "db": "CNVD", "id": "CNVD-2024-40034" }, { "date": "2024-10-10T12:56:30.817000", "db": "NVD", "id": "CVE-2024-46887" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens products have authentication bypass vulnerabilities", "sources": [ { "db": "CNVD", "id": "CNVD-2024-40034" } ], "trust": 0.6 } }
var-201810-0793
Vulnerability from variot
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl. F (All versions >= V2.0 and < V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. An attacker could use this vulnerability to compromise availability of the network connectivity. At the time of advisory publication no public exploitation of this vulnerability was known. F Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The SIEMENS SIMATIC S7-1500 CPU family is designed for discrete and continuous control in industrial environments such as manufacturing, the global food and beverage and chemical industries. SIEMENS SIMATIC ET 200SP Open is a version of the PC-based SIMATIC S7-1500 controller, including optional visualization and central I/O in compact devices. Multiple Siemens SIMATIC Products are prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. The following products and versions are vulnerable: Simatic S7-1500 (incl
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0793", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500f", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic et 200sp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et 200sp", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v2.0\u003cv2.5" }, { "model": "simatic s7-1500 software controller", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v2.0\u003cv2.0" }, { "model": "simatic s7-1500 cpu family", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v2.0\u003cv2.5" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et 200sp open controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 software controller", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7-1500", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200sp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500f", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-20534" }, { "db": "BID", "id": "105712" }, { "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "db": "NVD", "id": "CVE-2018-13805" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500f_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-013472" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Marcin Dudek, Jacek Gajewski, Kinga Staszkiewicz, Jakub Suchorab, and Joanna Walkiewicz from National Centre for Nuclear Research Poland", "sources": [ { "db": "BID", "id": "105712" } ], "trust": 0.3 }, "cve": "CVE-2018-13805", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2018-13805", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2018-20534", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.9 [IVD]" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2018-13805", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2018-13805", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2018-13805", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2018-20534", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-509", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1", "trust": 0.2, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-20534" }, { "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "db": "CNNVD", "id": "CNNVD-201810-509" }, { "db": "NVD", "id": "CVE-2018-13805" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions \u003e= V2.0 and \u003c V2.1.6), SIMATIC S7-1500 Software Controller (All versions \u003e= V2.0 and \u003c V2.5), SIMATIC S7-1500 incl. F (All versions \u003e= V2.0 and \u003c V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. An attacker could use this vulnerability to compromise availability of the network connectivity. At the time of advisory publication no public exploitation of this vulnerability was known. F Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The SIEMENS SIMATIC S7-1500 CPU family is designed for discrete and continuous control in industrial environments such as manufacturing, the global food and beverage and chemical industries. SIEMENS SIMATIC ET 200SP Open is a version of the PC-based SIMATIC S7-1500 controller, including optional visualization and central I/O in compact devices. Multiple Siemens SIMATIC Products are prone to a denial-of-service vulnerability. \nRemote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. \nThe following products and versions are vulnerable:\nSimatic S7-1500 (incl", "sources": [ { "db": "NVD", "id": "CVE-2018-13805" }, { "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "db": "CNVD", "id": "CNVD-2018-20534" }, { "db": "BID", "id": "105712" }, { "db": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-13805", "trust": 3.5 }, { "db": "SIEMENS", "id": "SSA-347726", "trust": 2.2 }, { "db": "ICS CERT", "id": "ICSA-18-282-05", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2018-20534", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201810-509", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-013472", "trust": 0.8 }, { "db": "BID", "id": "105712", "trust": 0.3 }, { "db": "IVD", "id": "E2FCA5F0-39AB-11E9-B0FB-000C29342CB1", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-20534" }, { "db": "BID", "id": "105712" }, { "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "db": "CNNVD", "id": "CNNVD-201810-509" }, { "db": "NVD", "id": "CVE-2018-13805" } ] }, "id": "VAR-201810-0793", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-20534" } ], "trust": 1.472147814 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-20534" } ] }, "last_update_date": "2024-11-23T22:26:08.488000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-347726", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf" }, { "title": "SIEMENS SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP Open denial of service vulnerability patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/141765" }, { "title": "SIMATIC Repair measures for device security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86140" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-20534" }, { "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "db": "CNNVD", "id": "CNNVD-201810-509" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-400", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "db": "NVD", "id": "CVE-2018-13805" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-282-05" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13805" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13805" }, { "trust": 0.3, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-20534" }, { "db": "BID", "id": "105712" }, { "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "db": "CNNVD", "id": "CNNVD-201810-509" }, { "db": "NVD", "id": "CVE-2018-13805" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-20534" }, { "db": "BID", "id": "105712" }, { "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "db": "CNNVD", "id": "CNNVD-201810-509" }, { "db": "NVD", "id": "CVE-2018-13805" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-10T00:00:00", "db": "IVD", "id": "e2fca5f0-39ab-11e9-b0fb-000c29342cb1" }, { "date": "2018-10-10T00:00:00", "db": "CNVD", "id": "CNVD-2018-20534" }, { "date": "2018-10-09T00:00:00", "db": "BID", "id": "105712" }, { "date": "2019-02-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "date": "2018-10-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-509" }, { "date": "2018-10-10T17:29:04.170000", "db": "NVD", "id": "CVE-2018-13805" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-10T00:00:00", "db": "CNVD", "id": "CNVD-2018-20534" }, { "date": "2018-10-09T00:00:00", "db": "BID", "id": "105712" }, { "date": "2019-02-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-013472" }, { "date": "2019-04-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-509" }, { "date": "2024-11-21T03:48:05.947000", "db": "NVD", "id": "CVE-2018-13805" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-509" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens SIMATIC Product depletion vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-013472" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "lack of information", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-509" } ], "trust": 0.6 } }
var-201904-0176
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication. plural Siemens The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens is a leading global technology company that provides solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drive and software with innovation in electrification, automation and digital. Siemens has a denial of service vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0176", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime advanced", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic rf188c", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic rf600r", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic ipc diagmonitor", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort outdoor panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic s7-1500t", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic et 200 open controller cpu 1515sp pc2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "simatic rf188c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc oa", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.15-p018" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic ipc diagmonitor", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc runtime mobile", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500s", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinec-nms", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.0" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic cp443-1 opc ua", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic rf600r", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "sinec-nms", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0" }, { "model": "simatic s7-1500f", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "sinema server", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic net pc software", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik opc ua server", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime comfort", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "opc unified architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 software controller", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "telecontrol server basic", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.1" }, { "model": "simatic wincc runtime hsp comfort", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 443-1 opc-ua", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200 open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc oa", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v2.5" }, { "model": "simatic s7-1500 software controller", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v2.5" }, { "model": "simatic wincc oa \u003cv3.15-p018", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinema server", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinumerik opc ua server", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.1" }, { "model": "telecontrol server basics", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime comfort", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime mobile", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinec-nms", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp443-1 opc ua", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200 open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime hsp comfort", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.1" }, { "model": "telecontrol server basic sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "sinumerik opc ua server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinec-nms", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime hsp comfort", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime comfort", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc oa", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.15" }, { "model": "simatic wincc oa 3.14-p021", "scope": null, "trust": 0.3, "vendor": "siemens", "version": null }, { "model": "simatic wincc oa", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.14" }, { "model": "simatic wincc oa p002", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.12" }, { "model": "simatic wincc oa", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.12" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.7" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.8.5" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.8.3" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.7" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.6" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.5.0" }, { "model": "simatic rf600r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf188c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic net pc software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic ipc diagmonitor", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic et200 open controller cpu 1515sp pc2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic cp opc ua", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "sinumerik opc ua server", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.1" }, { "model": "simatic wincc oa 3.15-p018", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp443 1 opc ua", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500s", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500t", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200 open controller cpu 1515sp pc2", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic ipc diagmonitor", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf188c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf600r", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 controller", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc oa", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime comfort", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime hsp comfort", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime mobile", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinec nms", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinumerik opc ua server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "telecontrol server basic", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500f", "version": "*" } ], "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "BID", "id": "107833" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "NVD", "id": "CVE-2019-6575" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_std_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_ipc_diagmonitor_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf188c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf600r_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_open_architecture", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-003488" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens,Siemens ProductCERT reported this vulnerability to NCCIC.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-462" } ], "trust": 0.6 }, "cve": "CVE-2019-6575", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2019-6575", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2019-12905", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-158010", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2019-6575", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-6575", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-6575", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-6575", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-12905", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201904-462", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-158010", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-6575", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "CNNVD", "id": "CNNVD-201904-462" }, { "db": "NVD", "id": "CVE-2019-6575" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication. plural Siemens The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens is a leading global technology company that provides solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drive and software with innovation in electrification, automation and digital. Siemens has a denial of service vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data", "sources": [ { "db": "NVD", "id": "CVE-2019-6575" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "BID", "id": "107833" }, { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-6575", "trust": 3.7 }, { "db": "ICS CERT", "id": "ICSA-19-099-03", "trust": 2.4 }, { "db": "SIEMENS", "id": "SSA-307392", "trust": 1.8 }, { "db": "BID", "id": "107833", "trust": 1.1 }, { "db": "CNNVD", "id": "CNNVD-201904-462", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-12905", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-003488", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.1205", "trust": 0.6 }, { "db": "IVD", "id": "B72B932A-FFE5-40C4-80A7-5E3F71B449FC", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-158010", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-6575", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "BID", "id": "107833" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "CNNVD", "id": "CNNVD-201904-462" }, { "db": "NVD", "id": "CVE-2019-6575" } ] }, "id": "VAR-201904-0176", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" } ], "trust": 1.5723463029411764 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 }, { "category": [ "ICS" ], "sub_category": null, "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" } ] }, "last_update_date": "2024-11-23T22:45:04.929000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-307392", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" }, { "title": "SiemensIndustrialProductswithOPCUA denial of service vulnerability patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/160239" }, { "title": "Siemens OPC UA Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91290" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=f300e0ed579e6a7eeebba4d6b8703ede" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "CNNVD", "id": "CNNVD-201904-462" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-755", "trust": 1.1 }, { "problemtype": "CWE-248", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158010" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "NVD", "id": "CVE-2019-6575" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-03" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6575" }, { "trust": 0.9, "url": "http://www.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6575" }, { "trust": 0.7, "url": "https://www.securityfocus.com/bid/107833" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-opc-ua-4840-tcp-28974" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-03" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/78742" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/755.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-19-099-03" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "BID", "id": "107833" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "CNNVD", "id": "CNNVD-201904-462" }, { "db": "NVD", "id": "CVE-2019-6575" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "BID", "id": "107833" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "CNNVD", "id": "CNNVD-201904-462" }, { "db": "NVD", "id": "CVE-2019-6575" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-05T00:00:00", "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "date": "2019-05-05T00:00:00", "db": "CNVD", "id": "CNVD-2019-12905" }, { "date": "2019-04-17T00:00:00", "db": "VULHUB", "id": "VHN-158010" }, { "date": "2019-04-17T00:00:00", "db": "VULMON", "id": "CVE-2019-6575" }, { "date": "2019-04-09T00:00:00", "db": "BID", "id": "107833" }, { "date": "2019-05-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "date": "2019-04-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201904-462" }, { "date": "2019-04-17T14:29:03.760000", "db": "NVD", "id": "CVE-2019-6575" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-07T00:00:00", "db": "CNVD", "id": "CNVD-2019-12905" }, { "date": "2020-10-16T00:00:00", "db": "VULHUB", "id": "VHN-158010" }, { "date": "2022-04-12T00:00:00", "db": "VULMON", "id": "CVE-2019-6575" }, { "date": "2019-04-09T00:00:00", "db": "BID", "id": "107833" }, { "date": "2019-05-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "date": "2022-08-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201904-462" }, { "date": "2024-11-21T04:46:43.960000", "db": "NVD", "id": "CVE-2019-6575" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-462" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens Industrial Products with OPC UA Denial of service vulnerability", "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNNVD", "id": "CNNVD-201904-462" } ], "trust": 0.8 } }
var-202012-0217
Vulnerability from variot
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request. Siemens SIMATIC Controller Web Servers is a platform of German Siemens (Siemens) that provides Web-side control for Siemens automation products.
Siemens SIMATIC Controller Web Servers has a security vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202012-0217", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 software controller", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "20.8" }, { "model": "simatic et 200sp open controller", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "20.8" }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200sp open controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200sp open controller", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v20.8" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v20.8" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-70925" }, { "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "db": "NVD", "id": "CVE-2020-15796" } ] }, "cve": "CVE-2020-15796", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2020-15796", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2020-70925", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2020-15796", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2020-15796", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-15796", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2020-15796", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-70925", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202012-701", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-70925" }, { "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "db": "CNNVD", "id": "CNNVD-202012-701" }, { "db": "NVD", "id": "CVE-2020-15796" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request. Siemens SIMATIC Controller Web Servers is a platform of German Siemens (Siemens) that provides Web-side control for Siemens automation products. \n\r\n\r\nSiemens SIMATIC Controller Web Servers has a security vulnerability", "sources": [ { "db": "NVD", "id": "CVE-2020-15796" }, { "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "db": "CNVD", "id": "CNVD-2020-70925" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-15796", "trust": 3.0 }, { "db": "SIEMENS", "id": "SSA-700697", "trust": 1.6 }, { "db": "ICS CERT", "id": "ICSA-20-343-09", "trust": 1.2 }, { "db": "JVN", "id": "JVNVU90453244", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-014565", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-70925", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.4359", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202012-701", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-70925" }, { "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "db": "CNNVD", "id": "CNNVD-202012-701" }, { "db": "NVD", "id": "CVE-2020-15796" } ] }, "id": "VAR-202012-0217", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-70925" } ], "trust": 1.23622057 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-70925" } ] }, "last_update_date": "2024-11-23T19:59:10.589000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-700697", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf" }, { "title": "Patch for Siemens SIMATIC Controller Web Servers Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/241945" }, { "title": "Siemens SIMATIC Controller Web Servers Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=137666" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-70925" }, { "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "db": "CNNVD", "id": "CNNVD-202012-701" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-248", "trust": 1.0 }, { "problemtype": "Uncaught exception (CWE-248) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "db": "NVD", "id": "CVE-2020-15796" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-15796" }, { "trust": 1.2, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-09" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu90453244/index.html" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-http-request-34071" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.4359/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-70925" }, { "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "db": "CNNVD", "id": "CNNVD-202012-701" }, { "db": "NVD", "id": "CVE-2020-15796" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-70925" }, { "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "db": "CNNVD", "id": "CNNVD-202012-701" }, { "db": "NVD", "id": "CVE-2020-15796" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-12-12T00:00:00", "db": "CNVD", "id": "CNVD-2020-70925" }, { "date": "2021-08-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "date": "2020-12-08T00:00:00", "db": "CNNVD", "id": "CNNVD-202012-701" }, { "date": "2020-12-14T21:15:19.440000", "db": "NVD", "id": "CVE-2020-15796" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-12-12T00:00:00", "db": "CNVD", "id": "CNVD-2020-70925" }, { "date": "2021-08-25T03:05:00", "db": "JVNDB", "id": "JVNDB-2020-014565" }, { "date": "2020-12-24T00:00:00", "db": "CNNVD", "id": "CNNVD-202012-701" }, { "date": "2024-11-21T05:06:11.890000", "db": "NVD", "id": "CVE-2020-15796" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202012-701" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATIC\u00a0ET\u00a0200SP\u00a0Open\u00a0Controller\u00a0 and \u00a0SIMATIC\u00a0S7-1500\u00a0Software\u00a0Controller\u00a0 Vulnerability regarding uncaught exceptions in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-014565" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202012-701" } ], "trust": 0.6 } }
var-202212-1312
Vulnerability from variot
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, are vulnerable to improper validation of specified types of input.Information is tampered with and service operation is interrupted (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network.
A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1312", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 15prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1508s f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1508s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 151511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 151511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1543sp-1 isec", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic s7-1500 cpu 15pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1543sp-1 isec tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1542sp-1 irc tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus s7-1200 cp 1243-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1507s f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1507s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87983" }, { "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "db": "NVD", "id": "CVE-2021-44694" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gao Jian reported these vulnerabilities to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2985" } ], "trust": 0.6 }, "cve": "CVE-2021-44694", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2022-87983", "impactScore": 7.8, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.2, "id": "CVE-2021-44694", "impactScore": 4.2, "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2021-44694", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2021-020592", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2021-44694", "trust": 1.0, "value": "MEDIUM" }, { "author": "nvd@nist.gov", "id": "CVE-2021-44694", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2021-020592", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2022-87983", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202212-2985", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87983" }, { "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "db": "CNNVD", "id": "CNNVD-202212-2985" }, { "db": "NVD", "id": "CVE-2021-44694" }, { "db": "NVD", "id": "CVE-2021-44694" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, are vulnerable to improper validation of specified types of input.Information is tampered with and service operation is interrupted (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. \n\r\n\r\nA denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device", "sources": [ { "db": "NVD", "id": "CVE-2021-44694" }, { "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "db": "CNVD", "id": "CNVD-2022-87983" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-44694", "trust": 3.8 }, { "db": "SIEMENS", "id": "SSA-382653", "trust": 3.0 }, { "db": "ICS CERT", "id": "ICSA-22-349-03", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU91561630", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2021-020592", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-87983", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202212-2985", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87983" }, { "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "db": "CNNVD", "id": "CNNVD-202212-2985" }, { "db": "NVD", "id": "CVE-2021-44694" } ] }, "id": "VAR-202212-1312", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-87983" } ], "trust": 1.2655165527272727 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87983" } ] }, "last_update_date": "2024-08-14T12:47:24.800000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87983)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/372471" }, { "title": "Siemens SIMATIC Drive Controller Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245495" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87983" }, { "db": "CNNVD", "id": "CNNVD-202212-2985" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-1287", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 1.0 }, { "problemtype": "Improper validation for input of specified type (CWE-1287) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "db": "NVD", "id": "CVE-2021-44694" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91561630/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44694" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03" }, { "trust": 0.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-382653.html" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2021-44694/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87983" }, { "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "db": "CNNVD", "id": "CNNVD-202212-2985" }, { "db": "NVD", "id": "CVE-2021-44694" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-87983" }, { "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "db": "CNNVD", "id": "CNNVD-202212-2985" }, { "db": "NVD", "id": "CVE-2021-44694" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-16T00:00:00", "db": "CNVD", "id": "CNVD-2022-87983" }, { "date": "2023-11-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "date": "2022-12-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202212-2985" }, { "date": "2022-12-13T16:15:14.840000", "db": "NVD", "id": "CVE-2021-44694" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-16T00:00:00", "db": "CNVD", "id": "CNVD-2022-87983" }, { "date": "2023-11-29T01:31:00", "db": "JVNDB", "id": "JVNDB-2021-020592" }, { "date": "2023-07-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202212-2985" }, { "date": "2023-09-12T10:15:13.027000", "db": "NVD", "id": "CVE-2021-44694" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2985" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Improper validation vulnerability for specified types of input in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-020592" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2985" } ], "trust": 0.6 } }
var-201705-3220
Vulnerability from variot
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. SIMATIC CP, SIMATIC RF600, SCALANCE W700, etc. are all industrial automation products from Siemens AG. A denial of service vulnerability exists in several industrial devices from Siemens. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC S7-200 Smart, etc. Siemens SIMATIC S7-200 Smart is a programmable logic controller (PLC) used in small and medium-sized automation systems. Siemens SIMATIC CP 343-1 Advanced is an Ethernet communication module used to support PROFINET (a new generation of automation bus standard based on industrial Ethernet technology). SIRIUS Motor starter M200D PROFINET is a motor starter. The following products and versions are affected: Siemens Extension Unit 12\" PROFINET prior to V01.01.01; Extension Unit 15\" PROFINET prior to V01.01.01; Extension Unit 19\" PROFINET prior to V01.01.01; Extension Unit 22\" PROFINET SIMATIC CP 1242-7 GPRS V2 prior to V2.1.82; SIMATIC CP 1243-7 LTE/US prior to V2.1.82; SIMATIC CP 1243-8 prior to V2.1.82; SIMATIC CP 1626 V1.1 previous version
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3220", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic dk-16xx pn io", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic rf685r", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic rf650r", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic rf680r", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic cp 1543sp-1", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic cp 1542sp-1 irc", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic cp 1542sp-1", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "scalance xr500", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "scalance s615", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "scalance m-800", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "scalance xm400", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "scalance w700", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sinamics gm150", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics gh150", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cp 1543-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "sinamics s110 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "simatic rf650r", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "dk standard ethernet controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.1.1" }, { "model": "simatic cp 1626", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1" }, { "model": "scalance x414", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.10.2" }, { "model": "scalance x200 irt", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.4.0" }, { "model": "simatic cp 1243-1 dnp3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1242-7 gprs", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.82" }, { "model": "sinamics gl150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gm150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cp 1616", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sinamics g150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g130", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s120", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cp 1604", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "simatic s7-1200", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.2.1" }, { "model": "extension unit 22 profinet", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "01.01.01" }, { "model": "ek-ertec 200p pn io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4.0" }, { "model": "ie\\/pb-link", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "simatic cm 1542-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "sirius motor starter m200d profinet", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic rf680r", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "sinamics s110 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "extension unit 19 profinet", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "01.01.01" }, { "model": "simatic cp 1243-1 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.82" }, { "model": "sinamics dcp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.2" }, { "model": "simatic cp 1542sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.15" }, { "model": "simatic cp 343-1 adv", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simotion", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "simatic teleservice adapter ie standard", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 443-1 opc-ua", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "dk standard ethernet controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.1.1" }, { "model": "sinumerik 840d sl", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "simatic tdc cpu555", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.1" }, { "model": "simatic et 200al", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.2" }, { "model": "sinamics g150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g110m", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics gh150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cp 1543sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.15" }, { "model": "scalance xr500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.1" }, { "model": "simatic et 200ecopn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "ek-ertec 200 pn io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.2.1" }, { "model": "softnet profinet io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "scalance m-800", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.03" }, { "model": "simatic hmi multi panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "scalance s615", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.03" }, { "model": "simatic cp 443-1 adv", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.17" }, { "model": "sinamics sl150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics dcp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.2" }, { "model": "simotion", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "sitop psu8600", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.2.0" }, { "model": "sinumerik 840d sl", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "simatic hmi mobile panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "scalance x200", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.2.2" }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "simatic cp 343-1 std", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.3" }, { "model": "simatic cp 1243-1 iec", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200pro", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics g110m", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "scalance xm400", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.1" }, { "model": "sinamics sm120", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "scalance x408", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.1.0" }, { "model": "simatic cp 343-1 lean", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.3" }, { "model": "simatic dk-1604 pn io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sirius act 3su1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.0" }, { "model": "ek-ertec 200 pn io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.2.1" }, { "model": "simatic s7-300", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "softnet profinet io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "simatic tdc cp51m1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.8" }, { "model": "simatic dk-1616 pn io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "simatic et 200mp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0.1" }, { "model": "sinamics dcm", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.4" }, { "model": "sinamics sl150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-200 smart", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.3" }, { "model": "sinamics sm120", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "scalance w700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.1" }, { "model": "simatic et 200m", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "extension unit 12 profinet", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "01.01.01" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2010" }, { "model": "extension unit 15 profinet", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "01.01.01" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "sinamics g120\\ w. pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cp 1542sp-1 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.15" }, { "model": "simatic cp 443-1 std", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.17" }, { "model": "sinumerik 828d", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "simatic s7-400", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.0.6" }, { "model": "simatic et 200sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.1.0" }, { "model": "sirius soft starter 3rw44 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic teleservice adapter ie basic", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simocode pro v profinet", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0.0" }, { "model": "simatic hmi comfort panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "ups1600 profinet", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.2.0" }, { "model": "sinamics dcm", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.4" }, { "model": "simatic cp 1243-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.82" }, { "model": "ie\\/as-i link pn io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics gl150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic cp 1243-8", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.82" }, { "model": "sinamics v90 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.01" }, { "model": "scalance x300", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.1.0" }, { "model": "simatic winac rtx", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2010" }, { "model": "sinamics g130", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s120", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic rf685r", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "ek-ertec 200p pn io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4.0" }, { "model": "sinamics s150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g120\\ w. pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cp 1243-7 lte\\/us", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.82" }, { "model": "pn\\/pn coupler", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "sinumerik 828d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "simatic teleservice adapter ie advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "dk standard ethernet controller", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ek-ertec 200 pn io", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ek-ertec 200p pn io", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ie/as-i link pn io", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ie/pb-link", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "pn/pn coupler", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x200 irt", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x200", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x300", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x408", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x414", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cm 1542-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1243-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1543-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1604", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1616", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 adv", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 lean", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 std", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 adv", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 opc-ua", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 std", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200al", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200ecopn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200m", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200mp", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200pro", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200s", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi mobile panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi multi panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-200 smart", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-300", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-400", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie basic", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter standard modem", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simocode pro v profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simotion", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics dcm", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics dcp", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g110m", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g120 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g130", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g150", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s110 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s120", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s150", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics v90 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinumerik 828d", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinumerik 840d sl", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sirius act 3su1 interface module profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sirius motor starter m200d profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sirius soft starter 3rw44 pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sitop psu8600", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sitop ups1600 profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "softnet profinet io", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "for pc-based windows systems firmware" }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1616" }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1604" }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1543-1" }, { "model": "simatic cm", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1542-1" }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "simatic cp opc-ua", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "443-1" }, { "model": "simatic cp adv", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "443-1" }, { "model": "simatic cp std", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "443-1" }, { "model": "simatic cp std", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "343-1" }, { "model": "simatic cp lean", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "343-1" }, { "model": "simatic cp adv", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "343-1" }, { "model": "scalance", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "x408" }, { "model": "scalance", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "x414" }, { "model": "scalance irt", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "x200" }, { "model": "scalance", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "x200" }, { "model": "scalance", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "x300" }, { "model": "simatic rf650r", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 opc-ua", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cm 1542-1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 1542sp-1 irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 adv", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 std", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 1543-1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 1543sp-1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 1542sp-1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf680r", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "sinumerik 828d", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "sinumerik 840d sl", "version": "*" }, { "model": "ups1600 profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "softnet profinet io", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sitop psu8600", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sirius soft starter 3rw44 pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sirius act 3su1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 840d", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 828d", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinamics sm150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics sm120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7.5" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7.4" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics gl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simotion", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "20100" }, { "model": "simatic teleservice adapter standard modem", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-400", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-300", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-200 smart", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf685r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf680r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf650r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic et", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2000" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "343-10" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16260" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16160" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16040" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1543-12.0.28" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1543-10" }, { "model": "simatic cp 1542sp-1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic cp irc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1243-80" }, { "model": "simatic cp lte eu/us", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1243-70" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1243-10" }, { "model": "simatic cp gprs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1242-7v20" }, { "model": "scalance xr500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "scalance xm400", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x4140" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x4084.0" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x4083.0" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x3000" }, { "model": "scalance irt", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x2000" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x2000" }, { "model": "scalance w700 series", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.4" }, { "model": "scalance w700 series", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.5.4" }, { "model": "scalance s615", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "scalance m-800", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.02" }, { "model": "scalance m-800", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "ie/as-i link pn io", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "extension unit profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "22?0" }, { "model": "extension unit profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "19?0" }, { "model": "extension unit profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15?0" }, { "model": "extension unit profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12?0" }, { "model": "e/pb-link", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 840d sl", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinumerik 828d", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics sm120 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics sl150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gm150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gl150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gh150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "simatic rf685r", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "simatic rf680r", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "simatic cp", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "16162.7" }, { "model": "simatic cp 1604d", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.7" }, { "model": "simatic cp irc", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1243-82.1.82" }, { "model": "simatic cp lte eu/us", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1243-72.1.82" }, { "model": "simatic cp gprs", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1242-7v22.1.82" }, { "model": "simatic rf650r", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "simatic cp", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "443-13.2.17" }, { "model": "simatic cp", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15431.2.1" }, { "model": "simatic cm1542", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1.2" }, { "model": "scalance w700", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "6.1" }, { "model": "extension unit profinet", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "22?1.1.1" }, { "model": "extension unit profinet", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "19?1.1.1" }, { "model": "extension unit profinet", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15?1.1.1" }, { "model": "extension unit profinet", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "12?1.1.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 343 1 std", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1542sp 1 irc", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1543sp 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1543 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf650r", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf680r", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf685r", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1616", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1604", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic dk 16xx pn io", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x200", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 343 1 lean", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x200 irt", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x300", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x408", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x414", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance xm400", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance xr500", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance w700", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance m 800", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance s615", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "softnet profinet io", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 343 1 adv", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ie pb link", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ie as i link pn io", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter standard modem", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie basic modem", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie advanced modem", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sitop psu8600", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ups1600 profinet", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200al", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200ecopn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200m", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 443 1 std", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200mp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200pro", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200s", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200sp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "pn pn coupler", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "dk standard ethernet controller", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ek ertec 200p pn io", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ek ertec 200 pn io", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 200 smart", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 300", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 443 1 adv", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 controller", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sirius act 3su1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sirius soft starter 3rw44 pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sirius motor starter m200d profinet", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simocode pro v profinet", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics dcm", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 443 1 opc ua", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics dcp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g110m", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g120 c p d w pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g130", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g150", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s110 w pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s120", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s150", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics v90 w pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simotion", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1243 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi multi panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi mobile panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cm 1542 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1542sp 1", "version": null } ], "sources": [ { "db": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4" }, { "db": "CNVD", "id": "CNVD-2017-06151" }, { "db": "BID", "id": "98369" }, { "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "db": "CNNVD", "id": "CNNVD-201705-574" }, { "db": "NVD", "id": "CVE-2017-2680" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ie%2Fpb-link_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ie%2Fas-i_link_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:pn%2Fpn_coupler_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_m-800_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_s615_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_w700_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x200irt_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x200_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x300_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x408_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x414_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_xm400_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_xr500_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cm_1542-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1243-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543sp-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_lean_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_adv_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_std_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_std_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_opc-ua_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_dk-16xx_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200pro_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_mobile_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_multi_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf650r_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf680r_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf685r_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-200_smart_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-400_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_standard_modem_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_2010_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simocode_pro_v_profinet_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simotion_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_dcm_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_dcp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g110m_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g120%28c%2Fp%2Fd%29_w._pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g130_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g150_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics__s110_w._pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_s120_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_s150_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_v90_w._pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinumerik_828d_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinumerik_840d_sl_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sirius_act_3su1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sirius_motor_starter_m200d_profinet_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sirius_soft_starter_3rw44_pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sitop_psu8600_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ups1600_profinet_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:softnet_profinet_io_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-004134" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.", "sources": [ { "db": "BID", "id": "98369" } ], "trust": 0.3 }, "cve": "CVE-2017-2680", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CVE-2017-2680", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2017-06151", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "VHN-110883", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2017-2680", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2017-2680", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-2680", "trust": 1.0, "value": "MEDIUM" }, { "author": "productcert@siemens.com", "id": "CVE-2017-2680", "trust": 1.0, "value": "High" }, { "author": "NVD", "id": "CVE-2017-2680", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2017-06151", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201705-574", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-110883", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4" }, { "db": "CNVD", "id": "CNVD-2017-06151" }, { "db": "VULHUB", "id": "VHN-110883" }, { "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "db": "CNNVD", "id": "CNNVD-201705-574" }, { "db": "NVD", "id": "CVE-2017-2680" }, { "db": "NVD", "id": "CVE-2017-2680" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. SIMATIC CP, SIMATIC RF600, SCALANCE W700, etc. are all industrial automation products from Siemens AG. A denial of service vulnerability exists in several industrial devices from Siemens. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC S7-200 Smart, etc. Siemens SIMATIC S7-200 Smart is a programmable logic controller (PLC) used in small and medium-sized automation systems. Siemens SIMATIC CP 343-1 Advanced is an Ethernet communication module used to support PROFINET (a new generation of automation bus standard based on industrial Ethernet technology). SIRIUS Motor starter M200D PROFINET is a motor starter. The following products and versions are affected: Siemens Extension Unit 12\\\" PROFINET prior to V01.01.01; Extension Unit 15\\\" PROFINET prior to V01.01.01; Extension Unit 19\\\" PROFINET prior to V01.01.01; Extension Unit 22\\\" PROFINET SIMATIC CP 1242-7 GPRS V2 prior to V2.1.82; SIMATIC CP 1243-7 LTE/US prior to V2.1.82; SIMATIC CP 1243-8 prior to V2.1.82; SIMATIC CP 1626 V1.1 previous version", "sources": [ { "db": "NVD", "id": "CVE-2017-2680" }, { "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "db": "CNVD", "id": "CNVD-2017-06151" }, { "db": "BID", "id": "98369" }, { "db": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4" }, { "db": "VULHUB", "id": "VHN-110883" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-2680", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-18-023-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-293562", "trust": 2.6 }, { "db": "SIEMENS", "id": "SSA-284673", "trust": 2.0 }, { "db": "BID", "id": "98369", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-546832", "trust": 1.7 }, { "db": "SECTRACK", "id": "1038463", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-17-129-02", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-201705-574", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2017-06151", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-18-128-01", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-004134", "trust": 0.8 }, { "db": "IVD", "id": "296C9514-B30D-4FA5-BCDC-9D8B2E9620C4", "trust": 0.2 }, { "db": "SEEBUG", "id": "SSVID-99023", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-110883", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4" }, { "db": "CNVD", "id": "CNVD-2017-06151" }, { "db": "VULHUB", "id": "VHN-110883" }, { "db": "BID", "id": "98369" }, { "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "db": "CNNVD", "id": "CNNVD-201705-574" }, { "db": "NVD", "id": "CVE-2017-2680" } ] }, "id": "VAR-201705-3220", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4" }, { "db": "CNVD", "id": "CNVD-2017-06151" }, { "db": "VULHUB", "id": "VHN-110883" } ], "trust": 1.5467968472 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4" }, { "db": "CNVD", "id": "CNVD-2017-06151" } ] }, "last_update_date": "2024-11-23T22:56:02.371000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-293562", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf" }, { "title": "Patch for a number of Siemens products with a denial of service vulnerability (CNVD-2017-06151)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/93364" }, { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70052" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-06151" }, { "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "db": "CNNVD", "id": "CNNVD-201705-574" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-400", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-110883" }, { "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "db": "NVD", "id": "CVE-2017-2680" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-023-02" }, { "trust": 2.0, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/98369" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1038463" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-02" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html" }, { "trust": 0.9, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2680" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-128-01" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2680" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-129-02" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-06151" }, { "db": "VULHUB", "id": "VHN-110883" }, { "db": "BID", "id": "98369" }, { "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "db": "CNNVD", "id": "CNNVD-201705-574" }, { "db": "NVD", "id": "CVE-2017-2680" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4" }, { "db": "CNVD", "id": "CNVD-2017-06151" }, { "db": "VULHUB", "id": "VHN-110883" }, { "db": "BID", "id": "98369" }, { "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "db": "CNNVD", "id": "CNNVD-201705-574" }, { "db": "NVD", "id": "CVE-2017-2680" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-09T00:00:00", "db": "IVD", "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4" }, { "date": "2017-05-09T00:00:00", "db": "CNVD", "id": "CNVD-2017-06151" }, { "date": "2017-05-11T00:00:00", "db": "VULHUB", "id": "VHN-110883" }, { "date": "2017-05-08T00:00:00", "db": "BID", "id": "98369" }, { "date": "2017-06-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "date": "2017-05-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201705-574" }, { "date": "2017-05-11T01:29:05.400000", "db": "NVD", "id": "CVE-2017-2680" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-09T00:00:00", "db": "CNVD", "id": "CNVD-2017-06151" }, { "date": "2020-09-29T00:00:00", "db": "VULHUB", "id": "VHN-110883" }, { "date": "2018-05-09T14:00:00", "db": "BID", "id": "98369" }, { "date": "2018-05-10T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-004134" }, { "date": "2022-02-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201705-574" }, { "date": "2024-11-21T03:23:57.563000", "db": "NVD", "id": "CVE-2017-2680" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201705-574" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens Service disruption in products (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-004134" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201705-574" } ], "trust": 0.6 } }
var-201904-0174
Vulnerability from variot
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0174", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "sinamics s210", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s150", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "5.1" }, { "model": "simatic hmi comfort outdoor panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics sm120", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic ipc diagmonitor", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.1.3" }, { "model": "simatic s7-1500s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.6.1" }, { "model": "sinamics gh150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics gl150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simocode pro v pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.3" }, { "model": "sinamics gm150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.6.1" }, { "model": "simatic cp443-1 advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics sl150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "sitop manager", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1" }, { "model": "sinamics sm120", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic hmi comfort panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sinamics g130", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.2" }, { "model": "cp1604", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2010" }, { "model": "sinamics s120", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.2" }, { "model": "sitop psu8600", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.5" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic cp443-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simocode pro v eip", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.3" }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-400 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sitop ups1600", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.3" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sinamics sm150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic rf182c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic rf600r", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.1" }, { "model": "cp1616", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic teleservice adapter ie standard", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic rf185c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.0" }, { "model": "simatic rf186c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic teleservice adapter ie basic", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics gm150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-1500t", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.6.1" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic s7-300", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3.17" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics gh150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic rf188c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.0" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics gl150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.6" }, { "model": "sinamics g150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.2" }, { "model": "sinamics s150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic winac rtx", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2010" }, { "model": "sinamics sl150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic cp443-1 opc ua", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics sm150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic rf181-eip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "tim 1531 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "simatic s7-1500f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.6.1" }, { "model": "simatic cp343-1 advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics s210", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic teleservice adapter ie advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1543sp-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1604", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1616", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 adv", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort outdoor panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic rf185c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "sinamics s150", "version": "5.1" }, { "model": "simatic winac rtx sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic s7-300 cpu family all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn/dp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7" }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s120", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics g130 and g150", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf182c", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp443-1 opc ua", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic ipc diagmonitor", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf188c", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf600r", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "cp1604", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "cp1616", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et sp open controller cpu 1515sp pc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "200\u003cv2.1.6" }, { "model": "simatic hmi comfort panels 4\" 22\"", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v6" }, { "model": "sinamics s150", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s210", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v5.1" }, { "model": "sinamics s210 sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v5.1" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531" }, { "model": "simatic hmi comfort outdoor panels 7\" \u0026 15\"", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf181-eip", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf186c", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie basic", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie standard", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simocode pro eip", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v" }, { "model": "simocode pro pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v" }, { "model": "sitop manager", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sitop psu8600", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sitop ups1600", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "siamtic rf185c", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp343-1 advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp443-1", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp443-1 advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et sp open controller cpu 1515sp pc2", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "200" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "sinamics s210", "version": "5.1" }, { "model": "tim irc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15310" }, { "model": "sitop ups1600", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sitop psu8600", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sitop manager", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinamics s210 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s150 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics s150 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.6" }, { "model": "sinamics s120 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics s120 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.6" }, { "model": "sinamics g150 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g150 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.6" }, { "model": "sinamics g130 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g130", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g130", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g130 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g130", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g130", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.6" }, { "model": "simocode pro pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v0" }, { "model": "simocode pro eip", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v0" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "20100" }, { "model": "simatic teleservice adapter ie standard", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic teleservice adapter ie basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic teleservice adapter ie advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-400 pn/dp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7" }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v60" }, { "model": "simatic s7-300 cpu", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500 cpu", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf600r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf188c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf186c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf185c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf182c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic ipc diagmonitor", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp900f mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp900 mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp700f mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp700 mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp400f mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp mobile panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic et200 open controller cpu 1515sp pc2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic et200 open controller cpu 1515sp pc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic cp opc ua", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "343-10" }, { "model": "rfid 181-eip", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16160" }, { "model": "cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16040" }, { "model": "sinamics s150 sp1 hf4", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s150 hf6", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics s120 sp1 hf4", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s120 hf6", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g150 sp1 hf4", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g150 hf6", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g130 sp1 hf4", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g130 hf6", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-300 cpu", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v3.x.16" }, { "model": "simatic et200 open controller cpu 1515sp pc", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.1.6" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "cp1604", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp400f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp700", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp700f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp900", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp900f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp443 1 opc ua", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic ipc diagmonitor", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 controller", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 plcsim advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sitop manager", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf600r", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf188c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf186c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "cp1616", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf182c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf181 eip", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 300", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie basic", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie standard", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf185c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simocode pro v eip", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simocode pro v pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g130", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g150", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s120", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s150", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s210", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sitop psu8600", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sitop ups1600", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "tim 1531 irc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp343 1 advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500s", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500t", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp443 1", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp443 1 advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200 sp open controller cpu 1515sp pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200 sp open controller cpu 1515sp pc2", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort outdoor panels", "version": "*" } ], "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "BID", "id": "107842" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp343-1_advanced_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf185c_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-003541" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to NCCIC.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-458" } ], "trust": 0.6 }, "cve": "CVE-2019-6568", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2019-6568", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2019-12904", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-158003", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2019-6568", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-6568", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-6568", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2019-6568", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-6568", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-12904", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201904-458", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-158003", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" }, { "db": "NVD", "id": "CVE-2019-6568" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device. \r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. \nAttackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data", "sources": [ { "db": "NVD", "id": "CVE-2019-6568" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "BID", "id": "107842" }, { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "VULHUB", "id": "VHN-158003" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-6568", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-19-099-06", "trust": 2.3 }, { "db": "SIEMENS", "id": "SSA-480230", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-530931", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-19-227-04", "trust": 1.4 }, { "db": "BID", "id": "107842", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201904-458", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-12904", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-003541", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.3150", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1204.2", "trust": 0.6 }, { "db": "IVD", "id": "A397CC8B-EE17-4FAF-8447-E9EE5F57DD12", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-158003", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" }, { "db": "BID", "id": "107842" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "id": "VAR-201904-0174", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" } ], "trust": 1.5998432480392157 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 }, { "category": [ "ICS" ], "sub_category": null, "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" } ] }, "last_update_date": "2024-11-23T22:25:58.024000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-480230", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf" }, { "title": "SSA-530931", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf" }, { "title": "Patches for multiple Siemens product denial of service vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/160237" }, { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=91286" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-125", "trust": 1.1 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158003" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-06" }, { "trust": 2.0, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf" }, { "trust": 1.4, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-227-04" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6568" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6568" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.3150/" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-06" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-099-06" }, { "trust": 0.6, "url": "https://www.securityfocus.com/bid/107842" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-webserver-28976" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/78710" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" }, { "db": "BID", "id": "107842" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" }, { "db": "BID", "id": "107842" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-05T00:00:00", "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "date": "2019-05-05T00:00:00", "db": "CNVD", "id": "CNVD-2019-12904" }, { "date": "2019-04-17T00:00:00", "db": "VULHUB", "id": "VHN-158003" }, { "date": "2019-04-09T00:00:00", "db": "BID", "id": "107842" }, { "date": "2019-05-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "date": "2019-04-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201904-458" }, { "date": "2019-04-17T14:29:03.683000", "db": "NVD", "id": "CVE-2019-6568" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-07T00:00:00", "db": "CNVD", "id": "CNVD-2019-12904" }, { "date": "2023-01-10T00:00:00", "db": "VULHUB", "id": "VHN-158003" }, { "date": "2019-04-09T00:00:00", "db": "BID", "id": "107842" }, { "date": "2019-08-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "date": "2023-04-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201904-458" }, { "date": "2024-11-21T04:46:42.773000", "db": "NVD", "id": "CVE-2019-6568" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-458" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerability related to input validation in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-003541" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-458" } ], "trust": 0.6 } }
var-202004-0712
Vulnerability from variot
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants), SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC MICRO-DRIVE PDC, SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS S/G Control Unit w. PROFINET, SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0), SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-4CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU00-1CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service. Several Siemens products contain resource exhaustion vulnerabilities.Service operation interruption (DoS) It may be put into a state. are all products of the German Siemens (Siemens) company. SIMATIC S7-1500 CPU is a CPU (Central Processing Unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC TDC CP51M1 is an industrial Ethernet communication module of the SIMATIC TDC automation system.
Many Siemens products have resource management error vulnerabilities, which can be exploited by attackers to cause denial of service. A vulnerability has been identified in KTK ATE530S (All versions), SIDOOR ATD430W (All versions), SIDOOR ATE530S COATED (All versions), SIDOOR ATE531S (All versions), SIMATIC ET 200SP Interfacemodul IM 155-6 MF HF (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC MICRO-DRIVE PDC (All versions), SIMATIC PN/PN Coupler (incl. PROFINET (All versions)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0712", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 1.6, "vendor": "simatic et200sp im155 6 pn 2 hf", "version": "*" }, { "model": "simatic et 200sp open controller cpu 1515sp pc", "scope": "lt", "trust": 1.6, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.6, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "lt", "trust": 1.6, "vendor": "siemens", "version": "2.0" }, { "model": "ktk ate530s", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sidoor atd430w", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sidoor ate530s coated", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sidoor ate531s", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx \\ 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "ktk ate530s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et200sp im155-6 pn hf", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "sidoor atd430w", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic pn\\/pn coupler", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-410 cpu", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic tdc cpu555", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic tdc cp51m1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics s\\/g control unit", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et200sp im155-6 pn ha", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic micro-drive pdc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sidoor ate531s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et200sp im155-6 pn\\/2 hf", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "sidoor ate530s coated", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et200sp im155-6 mf hf", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-300 cpu", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-400 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et200mp im155-5 pn hf", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "ktk ate530s", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et200sp im155 6 pn hf", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic micro drive pdc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic pn pn coupler", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1511 1 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1513 1 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1515 2 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1516 3 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1517 3 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "sidoor atd430w", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1518 4 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1511f 1 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1513f 1 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1515f 2 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1516f 3 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1517f 3 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1518f 4 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 300 cpu", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 400 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "sidoor ate530s coated", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 410 cpu", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic tdc cp51m1", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic tdc cpu555", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic winac rtx f 2010", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "sinamics s g control unit", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "sidoor ate531s", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et 200sp open controller cpu 1515sp pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et 200sp open controller cpu 1515sp pc2", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et200mp im155 5 pn hf", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et200sp im155 6 mf hf", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et200sp im155 6 pn ha", "version": "*" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et 200mp im 155-5 pn hf", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 mf hf", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn ha", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn hf", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-300", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200sp im155-6 mf hf", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200mp im155-5 pn hf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn hf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic pn/pn coupler", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-410", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic tdc cp51m1", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200sp im155-6 pn ha", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200sp im155-6 pn/2 hf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn/3 hf.simatic micro-drive pdc", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic micro-drive pdc", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn/dp", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic tdc cpu555", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s/g control unit w. profinet", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null } ], "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:ktk_ate530s_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sidoor_atd430w_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sidoor_ate530s_coated_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sidoor_ate531s_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_im_155-5_pn_hf_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et200sp_im155-6_mf_hf_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et200sp_im155-6_pn_ha_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et200sp_im155-6_pn_hf_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-015236" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-801" } ], "trust": 0.6 }, "cve": "CVE-2019-19300", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2019-19300", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.1, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-015236", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2020-23035", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "53646c4d-c67e-442c-b6e5-e05576895f55", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "b989cd8a-d784-43d6-b848-6040a850cda1", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "40b4fa3b-5945-486b-8125-8431896d5661", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2019-19300", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-015236", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-19300", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2019-19300", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2019-015236", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-23035", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202004-801", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454", "trust": 0.2, "value": "HIGH" }, { "author": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55", "trust": 0.2, "value": "HIGH" }, { "author": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1", "trust": 0.2, "value": "HIGH" }, { "author": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661", "trust": 0.2, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-19300", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNNVD", "id": "CNNVD-202004-801" }, { "db": "NVD", "id": "CVE-2019-19300" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants), SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC MICRO-DRIVE PDC, SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6\u00a0and below\u00a0CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS S/G Control Unit w. PROFINET, SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0), SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-4CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU00-1CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service. Several Siemens products contain resource exhaustion vulnerabilities.Service operation interruption (DoS) It may be put into a state. are all products of the German Siemens (Siemens) company. SIMATIC S7-1500 CPU is a CPU (Central Processing Unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC TDC CP51M1 is an industrial Ethernet communication module of the SIMATIC TDC automation system. \n\r\n\r\nMany Siemens products have resource management error vulnerabilities, which can be exploited by attackers to cause denial of service. A vulnerability has been identified in KTK ATE530S (All versions), SIDOOR ATD430W (All versions), SIDOOR ATE530S COATED (All versions), SIDOOR ATE531S (All versions), SIMATIC ET 200SP Interfacemodul IM 155-6 MF HF (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions \u003c V2.0), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions \u003e= V4.2), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions \u003e= V4.2), SIMATIC MICRO-DRIVE PDC (All versions), SIMATIC PN/PN Coupler (incl. PROFINET (All versions)", "sources": [ { "db": "NVD", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "VULMON", "id": "CVE-2019-19300" } ], "trust": 2.97 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-19300", "trust": 3.9 }, { "db": "ICS CERT", "id": "ICSA-20-105-08", "trust": 2.1 }, { "db": "SIEMENS", "id": "SSA-593272", "trust": 1.7 }, { "db": "CNVD", "id": "CNVD-2020-23035", "trust": 1.4 }, { "db": "CNNVD", "id": "CNNVD-202004-801", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU95499848", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-015236", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2020.1345", "trust": 0.6 }, { "db": "IVD", "id": "27A9C9BB-8ADF-48D6-B6BD-C1000A913454", "trust": 0.2 }, { "db": "IVD", "id": "53646C4D-C67E-442C-B6E5-E05576895F55", "trust": 0.2 }, { "db": "IVD", "id": "B989CD8A-D784-43D6-B848-6040A850CDA1", "trust": 0.2 }, { "db": "IVD", "id": "40B4FA3B-5945-486B-8125-8431896D5661", "trust": 0.2 }, { "db": "VULMON", "id": "CVE-2019-19300", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNNVD", "id": "CNNVD-202004-801" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "id": "VAR-202004-0712", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" } ], "trust": 2.1117984273913044 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 }, { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" } ] }, "last_update_date": "2024-11-23T22:16:29.831000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-593272", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf" }, { "title": "Patch for Multiple Siemens product resource management error vulnerabilities (CNVD-2020-23035)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/214037" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b6bdf7c5a64c5efcddeb45b5831983cf" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-400", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-08" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19300" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-593272.html" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19300" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu95499848/index.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1345/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-08" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-interniche-segmentsmack-32022" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/400.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-105-08" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNNVD", "id": "CNNVD-202004-801" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNNVD", "id": "CNNVD-202004-801" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-04-14T00:00:00", "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "date": "2020-04-14T00:00:00", "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "date": "2020-04-14T00:00:00", "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "date": "2020-04-14T00:00:00", "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "date": "2020-04-16T00:00:00", "db": "CNVD", "id": "CNVD-2020-23035" }, { "date": "2020-04-14T00:00:00", "db": "VULMON", "id": "CVE-2019-19300" }, { "date": "2020-04-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "date": "2020-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-801" }, { "date": "2020-04-14T20:15:14.903000", "db": "NVD", "id": "CVE-2019-19300" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-04-16T00:00:00", "db": "CNVD", "id": "CNVD-2020-23035" }, { "date": "2022-06-14T00:00:00", "db": "VULMON", "id": "CVE-2019-19300" }, { "date": "2020-04-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "date": "2023-02-15T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-801" }, { "date": "2024-11-21T04:34:31.677000", "db": "NVD", "id": "CVE-2019-19300" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-801" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Variety Siemens Product resource management error vulnerability ( CNVD-2020-23035 )", "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Resource management error", "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNNVD", "id": "CNNVD-202004-801" } ], "trust": 1.4 } }
var-202202-0372
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module.
Several Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0372", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 1516t-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1211c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "tim 1531 irc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "s7 1200 cpu 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1504d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "s7 1200 cpu 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1507d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "tim 1531 irc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": "gt", "trust": 0.6, "vendor": "siemens", "version": "v2.5,\u003cv2.9.2" }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.4" }, { "model": "simatic s7-1200 cpu family", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v4.5.0\u003cv4.5.2" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531\u003e=v2.2" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10003" }, { "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "db": "NVD", "id": "CVE-2021-37204" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gao Jian assisted the coordinated disclosure of these vulnerabilities with Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-568" } ], "trust": 0.6 }, "cve": "CVE-2021-37204", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2021-37204", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2022-10003", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2021-37204", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2022-005068", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-37204", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2021-37204", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2021-37204", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2022-10003", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202202-568", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10003" }, { "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "db": "CNNVD", "id": "CNNVD-202202-568" }, { "db": "NVD", "id": "CVE-2021-37204" }, { "db": "NVD", "id": "CVE-2021-37204" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module. \n\r\n\r\nSeveral Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs", "sources": [ { "db": "NVD", "id": "CVE-2021-37204" }, { "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "db": "CNVD", "id": "CNVD-2022-10003" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-37204", "trust": 3.8 }, { "db": "SIEMENS", "id": "SSA-838121", "trust": 2.2 }, { "db": "ICS CERT", "id": "ICSA-22-041-01", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU98748974", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-005068", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-10003", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022021105", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0605", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202202-568", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10003" }, { "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "db": "CNNVD", "id": "CNNVD-202202-568" }, { "db": "NVD", "id": "CVE-2021-37204" } ] }, "id": "VAR-202202-0372", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-10003" } ], "trust": 1.346276972 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10003" } ] }, "last_update_date": "2024-08-14T12:47:36.679000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-838121", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" }, { "title": "Patch for Multiple Siemens Industrial Products Denial of Service Vulnerabilities (CNVD-2022-10003)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/318446" }, { "title": "SIMATIC S7-1500 CPU Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=185271" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10003" }, { "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "db": "CNNVD", "id": "CNNVD-202202-568" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-672", "trust": 1.0 }, { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "db": "NVD", "id": "CVE-2021-37204" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-37204" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98748974/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-prepared-packets-37484" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0605" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021105" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-01" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10003" }, { "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "db": "CNNVD", "id": "CNNVD-202202-568" }, { "db": "NVD", "id": "CVE-2021-37204" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-10003" }, { "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "db": "CNNVD", "id": "CNNVD-202202-568" }, { "db": "NVD", "id": "CVE-2021-37204" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10003" }, { "date": "2023-05-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "date": "2022-02-08T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-568" }, { "date": "2022-02-09T16:15:13.333000", "db": "NVD", "id": "CVE-2021-37204" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10003" }, { "date": "2023-05-16T08:41:00", "db": "JVNDB", "id": "JVNDB-2022-005068" }, { "date": "2023-04-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-568" }, { "date": "2023-04-11T10:15:09.827000", "db": "NVD", "id": "CVE-2021-37204" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-568" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerabilities in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-005068" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-568" } ], "trust": 0.6 } }
var-202202-0370
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products are vulnerable to lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module.
Several Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0370", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 1516t-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 1211c", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.2" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.4" }, { "model": "tim 1531 irc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.2" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "s7 1200 cpu 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1504d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "s7 1200 cpu 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1507d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "tim 1531 irc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": "gt", "trust": 0.6, "vendor": "siemens", "version": "v2.5,\u003cv2.9.2" }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.9.4" }, { "model": "simatic s7-1200 cpu family", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v4.5.0\u003cv4.5.2" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531\u003e=v2.2" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10002" }, { "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "db": "NVD", "id": "CVE-2021-37205" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gao Jian assisted the coordinated disclosure of these vulnerabilities with Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-550" } ], "trust": 0.6 }, "cve": "CVE-2021-37205", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2021-37205", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2022-10002", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2021-37205", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2022-005069", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-37205", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2021-37205", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2021-37205", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2022-10002", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202202-550", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10002" }, { "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "db": "CNNVD", "id": "CNNVD-202202-550" }, { "db": "NVD", "id": "CVE-2021-37205" }, { "db": "NVD", "id": "CVE-2021-37205" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products are vulnerable to lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module. \n\r\n\r\nSeveral Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs", "sources": [ { "db": "NVD", "id": "CVE-2021-37205" }, { "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "db": "CNVD", "id": "CNVD-2022-10002" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-37205", "trust": 3.8 }, { "db": "SIEMENS", "id": "SSA-838121", "trust": 2.2 }, { "db": "ICS CERT", "id": "ICSA-22-041-01", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU98748974", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-005069", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-10002", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022021105", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0605", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202202-550", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10002" }, { "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "db": "CNNVD", "id": "CNNVD-202202-550" }, { "db": "NVD", "id": "CVE-2021-37205" } ] }, "id": "VAR-202202-0370", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-10002" } ], "trust": 1.346276972 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10002" } ] }, "last_update_date": "2024-08-14T12:22:53.167000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-838121", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" }, { "title": "Patch for Multiple Siemens Industrial Products Denial of Service Vulnerabilities (CNVD-2022-10002)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/318451" }, { "title": "Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=181689" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10002" }, { "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "db": "CNNVD", "id": "CNNVD-202202-550" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-401", "trust": 1.0 }, { "problemtype": "Lack of memory release after expiration (CWE-401) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "db": "NVD", "id": "CVE-2021-37205" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-37205" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98748974/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-prepared-packets-37484" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0605" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021105" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-01" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10002" }, { "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "db": "CNNVD", "id": "CNNVD-202202-550" }, { "db": "NVD", "id": "CVE-2021-37205" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-10002" }, { "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "db": "CNNVD", "id": "CNNVD-202202-550" }, { "db": "NVD", "id": "CVE-2021-37205" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10002" }, { "date": "2023-05-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "date": "2022-02-08T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-550" }, { "date": "2022-02-09T16:15:13.393000", "db": "NVD", "id": "CVE-2021-37205" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10002" }, { "date": "2023-05-16T08:46:00", "db": "JVNDB", "id": "JVNDB-2022-005069" }, { "date": "2023-04-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-550" }, { "date": "2023-04-11T10:15:10.077000", "db": "NVD", "id": "CVE-2021-37205" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-550" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Lack of Freeing Memory After Expiration Vulnerability in Multiple Siemens Products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-005069" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-550" } ], "trust": 0.6 } }
var-202312-0259
Vulnerability from variot
Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations. SIMATIC Drive Controller CPU 1504D TF firmware, SIMATIC Drive Controller CPU 1507D TF firmware, simatic et 200sp open control 1515sp pc2 Multiple Siemens products, including firmware, contain vulnerabilities related to the use of freed memory.Service operation interruption (DoS) It may be in a state. SINUMERIK MC is a CNC system for customized machine solutions. SINUMERIK ONE is a digitally native CNC system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202312-0259", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 1513r-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1514sp-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus s7-1500 cpu 1515f-2 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200sp open control 1515sp pc2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 et 200pro\\: cpu 1516pro f-2 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 et 200pro\\: cpu 1513pro-2 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "siplus s7-1500 cpu 1515f-2 pn t2 rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1515r-2 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1517tf-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 et 200pro\\: cpu 1513pro f-2 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.0" }, { "model": "siplus s7-1500 cpu 1516-3 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1516t-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 et 200pro\\:cpu 1516pro-2 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus et 200sp cpu 1512sp-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1516-3 pn\\/dp tx rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1516f-3 pn\\/dp rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik one", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus et 200sp cpu 1510sp f-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1515tf-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus et 200sp cpu 1510sp-1 pn rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu s7-1518-4 pn\\/dp odk", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1518t-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1514spt f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus et 200sp cpu 1512sp-1 pn rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1515t-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1512sp f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus s7-1500 cpu 1516f-3 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1515f-2 pn rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1511tf-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus s7-1500 cpu 1518hf-4 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1511c-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus s7-1500 cpu 1517h-3 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1515r-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus s7-1500 cpu 1511f-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1518tf-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1514spt-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1517t-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu s7-1518f-4 pn\\/dp odk", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus s7-1500 cpu 1511-1 pn tx rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1513-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1515r-2 pn tx rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus et 200sp cpu 1510sp-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1511-1 pn t1 rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus et 200sp 1512sp f-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1500 cpu 1513f-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1512sp-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "sinumerik mc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1512c-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus s7-1500 cpu 1511-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1517h-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "siplus et 200sp cpu 1512sp f-1 pn rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1514sp f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 cpu 1518hf-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1514sp f-2 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1514spt f-2 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200sp open control 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512c-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1514sp-2 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511c-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7 1500 cpu 1513-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512sp-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511tf-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1510sp f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512sp f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1510sp-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1514spt-2 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1513r-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511t-1 pn", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1504d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1507d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "sinumerik one", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinumerik mc", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97274" }, { "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "db": "NVD", "id": "CVE-2023-46156" } ] }, "cve": "CVE-2023-46156", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2023-97274", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2023-46156", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2023-019859", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2023-46156", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2023-019859", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2023-97274", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97274" }, { "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "db": "NVD", "id": "CVE-2023-46156" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Affected devices improperly handle specially crafted packets sent to port 102/tcp. \r\nThis could allow an attacker to create a denial of service condition. A restart is needed to restore\r\nnormal operations. SIMATIC Drive Controller CPU 1504D TF firmware, SIMATIC Drive Controller CPU 1507D TF firmware, simatic et 200sp open control 1515sp pc2 Multiple Siemens products, including firmware, contain vulnerabilities related to the use of freed memory.Service operation interruption (DoS) It may be in a state. SINUMERIK MC is a CNC system for customized machine solutions. SINUMERIK ONE is a digitally native CNC system", "sources": [ { "db": "NVD", "id": "CVE-2023-46156" }, { "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "db": "CNVD", "id": "CNVD-2023-97274" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-46156", "trust": 3.2 }, { "db": "SIEMENS", "id": "SSA-280603", "trust": 2.4 }, { "db": "SIEMENS", "id": "SSA-592380", "trust": 1.8 }, { "db": "ICS CERT", "id": "ICSA-23-348-11", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-348-09", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU98271228", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-019859", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2023-97274", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97274" }, { "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "db": "NVD", "id": "CVE-2023-46156" } ] }, "id": "VAR-202312-0259", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2023-97274" } ], "trust": 1.2340367349999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97274" } ] }, "last_update_date": "2024-08-14T13:12:12.052000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SINUMERIK ONE and SINUMERIK-MC Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/500406" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97274" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-416", "trust": 1.0 }, { "problemtype": "Use of freed memory (CWE-416) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "db": "NVD", "id": "CVE-2023-46156" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-280603.pdf" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592380.pdf" }, { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98271228/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-46156" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-09" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-11" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97274" }, { "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "db": "NVD", "id": "CVE-2023-46156" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2023-97274" }, { "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "db": "NVD", "id": "CVE-2023-46156" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-12-14T00:00:00", "db": "CNVD", "id": "CNVD-2023-97274" }, { "date": "2024-01-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "date": "2023-12-12T12:15:13.417000", "db": "NVD", "id": "CVE-2023-46156" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-12-13T00:00:00", "db": "CNVD", "id": "CNVD-2023-97274" }, { "date": "2024-01-15T05:11:00", "db": "JVNDB", "id": "JVNDB-2023-019859" }, { "date": "2024-03-12T11:15:47.740000", "db": "NVD", "id": "CVE-2023-46156" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Use of Freed Memory Vulnerability in Multiple Siemens Products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-019859" } ], "trust": 0.8 } }
var-201803-2159
Vulnerability from variot
A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system.
The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system. plural Siemens The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC CP 343-1 Advanced is an Ethernet communication module for supporting PROFINET, a new generation of automation bus standard based on Industrial Ethernet technology. SIMATIC S7-1500 is a programmable logic controller.
A denial of service vulnerability exists in several Siemens products. Siemens SIMATIC/SINUMERIK/PROFINET IO are prone to a denial-of-service vulnerability. Successful exploitation requires no user interaction or privileges and impacts the availability of core functionality of the affected device. At the time of advisory publication no public exploitation of this security vulnerability is known. Siemens provides mitigations to resolve the security issue. PROFIBUS interfaces are not affected. F; SINUMERIK 828D; SINUMERIK 840D sl; Softnet PROFINET IO for PC-based Windows systems
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2159", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-410", "scope": "lt", "trust": 1.6, "vendor": "siemens", "version": "8.1" }, { "model": "simatic s7-400 pn\\/dp v7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinumerik 828d", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "softnet pn-io linux", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-300", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 h v6", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinumerik 828d", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.7.0" }, { "model": "simatic s7-400 pn\\/dp v6", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.0.7" }, { "model": "simatic cp 343-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-300", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn/dp v6", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn/dp v7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-400h v6", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-410", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "softnet profinet io", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "for pc-based windows systems firmware" }, { "model": "simatic cp advanced", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "343-1" }, { "model": "simatic cp standard", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "343-1" }, { "model": "simatic cp standard", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "443-1" }, { "model": "simatic s7-1500 software controller incl. f", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "1.7.0" }, { "model": "simatic s7-1500 incl. f", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "1.7.0" }, { "model": "simatic s7-300 incl. f and t", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 h", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v6" }, { "model": "simatic s7-400 pn/dp incl. f", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v6\u003c6.0.7" }, { "model": "simatic s7-400 pn/dp incl. f", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7" }, { "model": "simatic winac rtx incl. f", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "sinumerik 840d sl", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "softnet profinet io for pc-based windows systems", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic cp 343 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic cp 443 1", "version": null }, { "model": "softnet profinet io", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 840d sl", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 840d", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 828d", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "20100" }, { "model": "simatic s7-410", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "8" }, { "model": "simatic s7-400 pn/dp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7" }, { "model": "simatic s7-400 pn/dp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6" }, { "model": "simatic s7-400 h", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v60" }, { "model": "simatic s7-300", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic cp standard", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp standard", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "343-10" }, { "model": "simatic cp advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "343-10" }, { "model": "simatic s7-410", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "8.1" }, { "model": "simatic s7-400 pn/dp", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "6.0.7" }, { "model": "simatic s7-1500 software controller", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1.7" }, { "model": "simatic s7-1500", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1.7" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 410", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinumerik 828d", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "softnet pn io linux", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 300", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400 h v6", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400 pn dp v6", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400 pn dp v7", "version": null } ], "sources": [ { "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-06025" }, { "db": "BID", "id": "103465" }, { "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "db": "CNNVD", "id": "CNNVD-201803-723" }, { "db": "NVD", "id": "CVE-2018-4843" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-400_pn%2Fdp_v6_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-400pn%2Fdp_v7_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-400h_v6_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-410_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_2010_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinumerik_828d_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:softnet_profinet_io_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-003479" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens ProductCERT", "sources": [ { "db": "BID", "id": "103465" } ], "trust": 0.3 }, "cve": "CVE-2018-4843", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CVE-2018-4843", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "exploitabilityScore": 3.2, "id": "CNVD-2018-06025", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "exploitabilityScore": 3.2, "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "VHN-134874", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2018-4843", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-4843", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2018-4843", "trust": 1.0, "value": "MEDIUM" }, { "author": "productcert@siemens.com", "id": "CVE-2018-4843", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2018-4843", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2018-06025", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201803-723", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-134874", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-06025" }, { "db": "VULHUB", "id": "VHN-134874" }, { "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "db": "CNNVD", "id": "CNNVD-201803-723" }, { "db": "NVD", "id": "CVE-2018-4843" }, { "db": "NVD", "id": "CVE-2018-4843" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (All versions \u003c V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V1.7.0), SIMATIC S7-1500 Software Controller (All versions \u003c V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions \u003c V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions \u003c V8.1), SIMATIC WinAC RTX 2010 (All versions \u003c V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions \u003c V2010 SP3), SINUMERIK 828D (All versions \u003c V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.2.16), SIPLUS NET CP 443-1 (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (All versions \u003c V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions \u003c V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions \u003c V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system. \r\n\r\nThe security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system. plural Siemens The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC CP 343-1 Advanced is an Ethernet communication module for supporting PROFINET, a new generation of automation bus standard based on Industrial Ethernet technology. SIMATIC S7-1500 is a programmable logic controller. \n\nA denial of service vulnerability exists in several Siemens products. Siemens SIMATIC/SINUMERIK/PROFINET IO are prone to a denial-of-service vulnerability. Successful exploitation requires no user interaction or privileges and impacts the availability of core functionality of the affected device. At the time of advisory publication no public exploitation of this security vulnerability is known. Siemens provides mitigations to resolve the security issue. PROFIBUS interfaces are not affected. F; SINUMERIK 828D; SINUMERIK 840D sl; Softnet PROFINET IO for PC-based Windows systems", "sources": [ { "db": "NVD", "id": "CVE-2018-4843" }, { "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "db": "CNVD", "id": "CNVD-2018-06025" }, { "db": "BID", "id": "103465" }, { "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-134874" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-4843", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-592007", "trust": 2.0 }, { "db": "ICS CERT", "id": "ICSA-18-079-02", "trust": 1.7 }, { "db": "CNVD", "id": "CNVD-2018-06025", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201803-723", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-003479", "trust": 0.8 }, { "db": "BID", "id": "103465", "trust": 0.4 }, { "db": "IVD", "id": "E2E91DF0-39AB-11E9-BEF8-000C29342CB1", "trust": 0.2 }, { "db": "SEEBUG", "id": "SSVID-98995", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-134874", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-06025" }, { "db": "VULHUB", "id": "VHN-134874" }, { "db": "BID", "id": "103465" }, { "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "db": "CNNVD", "id": "CNNVD-201803-723" }, { "db": "NVD", "id": "CVE-2018-4843" } ] }, "id": "VAR-201803-2159", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-06025" }, { "db": "VULHUB", "id": "VHN-134874" } ], "trust": 1.6436873514285715 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-06025" } ] }, "last_update_date": "2024-11-23T22:55:55.082000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-592007", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf" }, { "title": "Patch for Multiple Siemens Product Denial of Service Vulnerabilities (CNVD-2018-06025)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/122865" }, { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=79323" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-06025" }, { "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "db": "CNNVD", "id": "CNNVD-201803-723" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-134874" }, { "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "db": "NVD", "id": "CVE-2018-4843" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf" }, { "trust": 1.7, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-079-02" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4843" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4843" }, { "trust": 0.3, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-06025" }, { "db": "VULHUB", "id": "VHN-134874" }, { "db": "BID", "id": "103465" }, { "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "db": "CNNVD", "id": "CNNVD-201803-723" }, { "db": "NVD", "id": "CVE-2018-4843" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-06025" }, { "db": "VULHUB", "id": "VHN-134874" }, { "db": "BID", "id": "103465" }, { "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "db": "CNNVD", "id": "CNNVD-201803-723" }, { "db": "NVD", "id": "CVE-2018-4843" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-03-22T00:00:00", "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "date": "2018-03-22T00:00:00", "db": "CNVD", "id": "CNVD-2018-06025" }, { "date": "2018-03-20T00:00:00", "db": "VULHUB", "id": "VHN-134874" }, { "date": "2018-03-20T00:00:00", "db": "BID", "id": "103465" }, { "date": "2018-05-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "date": "2018-03-21T00:00:00", "db": "CNNVD", "id": "CNNVD-201803-723" }, { "date": "2018-03-20T14:29:00.413000", "db": "NVD", "id": "CVE-2018-4843" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-22T00:00:00", "db": "CNVD", "id": "CNVD-2018-06025" }, { "date": "2023-01-10T00:00:00", "db": "VULHUB", "id": "VHN-134874" }, { "date": "2018-03-20T00:00:00", "db": "BID", "id": "103465" }, { "date": "2018-07-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-003479" }, { "date": "2023-05-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201803-723" }, { "date": "2024-11-21T04:07:34.080000", "db": "NVD", "id": "CVE-2018-4843" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201803-723" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-003479" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "e2e91df0-39ab-11e9-bef8-000c29342cb1" }, { "db": "BID", "id": "103465" }, { "db": "CNNVD", "id": "CNNVD-201803-723" } ], "trust": 1.1 } }
var-202410-0118
Vulnerability from variot
The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functionality of the SIMATIC S7-1500 CPU and SINAMICS S120 drive control. The SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller, including optional visualization as well as central I/O in a compact device. Both the SIMATIC S7-1200 CPU and the SIMATIC S7-1500 CPU are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 MFP CPUs offer the functionality of standard S7-1500 CPUs and can run C/C++ code in the CPU runtime to execute your own functions/algorithms implemented in C/C++. The SIMATIC S7-1500 Software Controller is a SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0118", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v3" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.1.4" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.1.4" }, { "model": "simatic s7-1200 cpu family", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v4" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v2" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40007" } ] }, "cve": "CVE-2024-46886", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2024-40007", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2024-46886", "impactScore": 1.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2024-46886", "trust": 1.0, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2024-40007", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40007" }, { "db": "NVD", "id": "CVE-2024-46886" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functionality of the SIMATIC S7-1500 CPU and SINAMICS S120 drive control. The SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller, including optional visualization as well as central I/O in a compact device. Both the SIMATIC S7-1200 CPU and the SIMATIC S7-1500 CPU are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 MFP CPUs offer the functionality of standard S7-1500 CPUs and can run C/C++ code in the CPU runtime to execute your own functions/algorithms implemented in C/C++. The SIMATIC S7-1500 Software Controller is a SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives", "sources": [ { "db": "NVD", "id": "CVE-2024-46886" }, { "db": "CNVD", "id": "CNVD-2024-40007" } ], "trust": 1.44 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2024-46886", "trust": 1.6 }, { "db": "SIEMENS", "id": "SSA-876787", "trust": 1.6 }, { "db": "CNVD", "id": "CNVD-2024-40007", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40007" }, { "db": "NVD", "id": "CVE-2024-46886" } ] }, "id": "VAR-202410-0118", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-40007" } ], "trust": 1.3246210842857145 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40007" } ] }, "last_update_date": "2024-10-18T03:55:34.708000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens Multiple Products URL Redirection Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/598706" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40007" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-601", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2024-46886" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-876787.html" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-40007" }, { "db": "NVD", "id": "CVE-2024-46886" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-40007" }, { "db": "NVD", "id": "CVE-2024-46886" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-10-10T00:00:00", "db": "CNVD", "id": "CNVD-2024-40007" }, { "date": "2024-10-08T09:15:16.093000", "db": "NVD", "id": "CVE-2024-46886" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-10-10T00:00:00", "db": "CNVD", "id": "CNVD-2024-40007" }, { "date": "2024-10-10T12:56:30.817000", "db": "NVD", "id": "CVE-2024-46886" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens Multiple Products URL Redirection Vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2024-40007" } ], "trust": 0.6 } }
var-201712-0703
Vulnerability from variot
Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually. plural Siemens The product contains data processing vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensSIMATICS7-200Smart and others are products of Siemens AG. The Siemens SIMATICS7-200Smart is a programmable logic controller (PLC) for use in small and medium-sized automation systems. SIMATICWinACRTX2010incl is a software controller for automation solutions. A denial of service vulnerability exists in several Siemens products. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. A vulnerability has been identified in SIMATIC S7-200 Smart (All versions < V2.03.01), SIMATIC S7-400 PN V6 (All versions < V6.0.6), SIMATIC S7-400 H V6 (All versions < V6.0.8), SIMATIC S7-400 PN/DP V7 (All versions < V7.0.2), SIMATIC S7-410 V8 (All versions < V8.2.1), SIMATIC S7-300 (All versions < V3.X.16), SIMATIC S7-1200 (All versions < V4.2.3), SIMATIC S7-1500 (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC WinAC RTX 2010 incl. F (All versions), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.2), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP IM155-5 PN HF (All versions < V4.2), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN HF (All versions < V4.2.0), SIMATIC ET 200SP IM155-6 PN HA (All versions < V1.1.0), SIMATIC ET 200SP IM155-6 PN BA (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions), SIMATIC ET 200SP IM155-6 PN HS (All versions), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions < V4.5), SIMOTION D (All versions < V5.1 HF1), SIMOTION C (All versions < V5.1 HF1), SIMOTION P V4.4 and V4.5 (All versions < V4.5 HF5), SIMOTION P V5 (All versions < V5.1 HF1), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF6), SINAMICS DCP w. PN (All versions < V1.2 HF2), SINAMICS G110M w. PN (All versions < V4.7 SP9 HF1), SINAMICS G120 (C/P/D) w. PN (All versions < V4.7 SP9 HF1), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF6), SINAMICS S120 prior to V4.7 w. PN (All versions < V4.7), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS S120 V4.7 SP1 w. PN (All versions), SINAMICS S120 V4.8 w. PN (All versions < V4.8 HF5), SINAMICS S150 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS S150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS V90 w. PN (All versions < V1.02), SINUMERIK 840D sl (All versions), SIMATIC Compact Field Unit (All versions), SIMATIC PN/PN Coupler (All versions < V4.2.0), SIMOCODE pro V PROFINET (All versions < V2.1.1), SIRIUS Soft Starter 3RW44 PN (All versions), SIMOCODE pro V EIP (All versions < V1.0.2). Siemens SIMATIC S7-1500 CPU, etc. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. The following products and versions are affected: Siemens SIMATIC S7-200 Smart prior to V2.03.01; SIMATIC S7-400 PN/DP V7 CPU family (SIPLUS variants); SIMATIC S7-410 V8 CPU family (SIPLUS variants); SIMATIC S7- 300 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1200 CPU family (related to SIPLUS variants); SIMATIC S7-1500 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1500 Software Controller prior to V2.0 wait
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201712-0703", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "sinamics s120", "scope": "eq", "trust": 1.9, "vendor": "siemens", "version": null }, { "model": "sinumerik 840d sl", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic compact field unit", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic pn\\/pn coupler", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinamics v90pn", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinamics s150 v4.8", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simocode pro v profinet", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinamics s150 v4.7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinamics s110pn", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sirius soft starter 3rw44pn", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-300", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic et 200al", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic et 200ecopn", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic et 200m", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic et 200mp", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic et 200pro", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic et 200s", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sinamics dcm", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sinamics dcp", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "dk standard ethernet controller", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sinamics s120", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sinumerik 840d sl", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic compact field unit", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic pn/pn coupler", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sirius soft starter 3rw44 pn", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sinamics g150", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": null }, { "model": "sinamics g130", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic et 200m", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "dk standard ethernet controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "sinamics g110m\\/g120pn", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-300", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic et 200s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-400pn v6", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.0.6" }, { "model": "simatic winac rtx f 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "ek-ertec 200pn io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simotion c", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic et 200mp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic et 200ecopn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic et 200al", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "sinamics dcm", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-410 v8", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simotion p", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic s7-400h v6", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.0.8" }, { "model": "simatic s7-400pn\\/dp v7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-200", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.03.01" }, { "model": "ek-ertec 200p", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "simatic et 200pro", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simotion d", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics dcp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "ek-ertec 200 pn io", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ek-ertec 200p p", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-200 smart", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn v6", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn/dp v7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-400h v6", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-410 v8", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010 incl. f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simocode pro v profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simotion c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simotion d", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simotion p", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g110m", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g130", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g150", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s110 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s150 v4.7 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s150 v4.8 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics v90 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-200 smart", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.03.01" }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v6\u003cv6.0.6" }, { "model": "simatic s7-400 h", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v6" }, { "model": "simatic s7-400 pn/dp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7" }, { "model": "simatic s7-410", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8" }, { "model": "simatic winac rtx incl.f", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "ek-ertec pn io", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "200" }, { "model": "simotion d hf1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v5.1" }, { "model": "simotion c hf1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v5.1" }, { "model": "simotion p hf1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v5.1" }, { "model": "sinamics g110m/g120 w.pn sp9 hf1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v4.7" }, { "model": "ek-ertec 200p", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v4.5" }, { "model": "sinamics s110 w.pn", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s150", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v4.7" }, { "model": "sinamics s150", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v4.8" }, { "model": "sinamics w.pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v90" }, { "model": "simocode pro profinet", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v" }, { "model": "sinamics g130 and g150", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "softnet profinet io", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sirius soft starter 3rw44 pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 840d sl", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinumerik 840d", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinamics sm150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics sm120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7.5" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7.4" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": null }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinamics gm150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics gl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics gh150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": null }, { "model": "sinamics dcp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinamics dcm", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simotion", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simocode pro eip", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v1.0.1" }, { "model": "simocode pro eip", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v1.0" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "20100" }, { "model": "simatic winac rtx f sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic s7-410", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "8" }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v60" }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-400 h", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v60" }, { "model": "simatic s7-300", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-200", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.8.3" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.6" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.5.0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1200", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.1.3" }, { "model": "simatic s7-1200", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1200", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0.0" }, { "model": "simatic s7-1200", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "simatic s7-1200", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0.3" }, { "model": "simatic s7-1200", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0.2" }, { "model": "simatic et", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2000" }, { "model": "simatic compact field unit", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "profinet io", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.4.1" }, { "model": "profinet io", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinamics sm120 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics sl150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gm150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gl150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gh150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g120p", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": null }, { "model": "sinamics g120d", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": null }, { "model": "sinamics g120c", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": null }, { "model": "sinamics g120 update sp9 hf1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g110m", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simotion p hf1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "simotion c hf1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "simocode pro eip", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v1.0.2" }, { "model": "simatic s7-400 pn", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v66.0.6" }, { "model": "simatic s7-200 smart", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.3.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 200", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx f 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200al", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200ecopn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200m", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200mp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200pro", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200s", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200sp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "dk standard ethernet controller", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ek ertec 200p", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400pn v6", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ek ertec 200pn io", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simotion d", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simotion c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simotion p", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics dcm", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics dcp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g110m g120pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g130", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g150", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s110pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400h v6", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s120", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s150 v4 7", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s150 v4 8", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics v90pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinumerik 840d sl", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic compact field unit", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pn pn coupler", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simocode pro v profinet", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sirius soft starter 3rw44pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400pn dp v7", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 410 v8", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 300", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 controller", "version": "2.0" } ], "sources": [ { "db": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2017-36884" }, { "db": "BID", "id": "101964" }, { "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "db": "CNNVD", "id": "CNNVD-201711-1105" }, { "db": "NVD", "id": "CVE-2017-12741" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_compact_field_unit_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200pro_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_pn%2Fpn_coupler_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-200_smart_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-400pn_v6_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-400pn%2Fdp_v7_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-400h_v6_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-410_v8_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_f_2010_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simocode_pro_v_profinet_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simotion_c_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simotion_d_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simotion_p_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_dcm_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_dcp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g110m_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g130_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g150_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics__s110_w._pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_s120_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_s150_v4.7_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_s150_v4.8_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_v90_w._pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinumerik_840d_sl_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sirius_soft_starter_3rw44_pn_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-011798" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens ProductCERT reported this vulnerability to NCCIC.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1105" } ], "trust": 0.6 }, "cve": "CVE-2017-12741", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2017-12741", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2017-36884", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "e2df32de-39ab-11e9-b092-000c29342cb1", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-103294", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2017-12741", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2017-12741", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-12741", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2017-12741", "trust": 1.0, "value": "High" }, { "author": "NVD", "id": "CVE-2017-12741", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2017-36884", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201711-1105", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-103294", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2017-36884" }, { "db": "VULHUB", "id": "VHN-103294" }, { "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "db": "CNNVD", "id": "CNNVD-201711-1105" }, { "db": "NVD", "id": "CVE-2017-12741" }, { "db": "NVD", "id": "CVE-2017-12741" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually. plural Siemens The product contains data processing vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensSIMATICS7-200Smart and others are products of Siemens AG. The Siemens SIMATICS7-200Smart is a programmable logic controller (PLC) for use in small and medium-sized automation systems. SIMATICWinACRTX2010incl is a software controller for automation solutions. A denial of service vulnerability exists in several Siemens products. \nAttackers can exploit this issue to crash the affected device, denying service to legitimate users. A vulnerability has been identified in SIMATIC S7-200 Smart (All versions \u003c V2.03.01), SIMATIC S7-400 PN V6 (All versions \u003c V6.0.6), SIMATIC S7-400 H V6 (All versions \u003c V6.0.8), SIMATIC S7-400 PN/DP V7 (All versions \u003c V7.0.2), SIMATIC S7-410 V8 (All versions \u003c V8.2.1), SIMATIC S7-300 (All versions \u003c V3.X.16), SIMATIC S7-1200 (All versions \u003c V4.2.3), SIMATIC S7-1500 (All versions \u003c V2.0), SIMATIC S7-1500 Software Controller (All versions \u003c V2.0), SIMATIC WinAC RTX 2010 incl. F (All versions), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions \u003c V4.0.2), SIMATIC ET 200MP IM155-5 PN ST (All versions \u003c V4.1), SIMATIC ET 200MP IM155-5 PN HF (All versions \u003c V4.2), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN HF (All versions \u003c V4.2.0), SIMATIC ET 200SP IM155-6 PN HA (All versions \u003c V1.1.0), SIMATIC ET 200SP IM155-6 PN BA (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions), SIMATIC ET 200SP IM155-6 PN HS (All versions), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions \u003c V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions \u003c V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions \u003c V4.5), SIMOTION D (All versions \u003c V5.1 HF1), SIMOTION C (All versions \u003c V5.1 HF1), SIMOTION P V4.4 and V4.5 (All versions \u003c V4.5 HF5), SIMOTION P V5 (All versions \u003c V5.1 HF1), SINAMICS DCM w. PN (All versions \u003c V1.4 SP1 HF6), SINAMICS DCP w. PN (All versions \u003c V1.2 HF2), SINAMICS G110M w. PN (All versions \u003c V4.7 SP9 HF1), SINAMICS G120 (C/P/D) w. PN (All versions \u003c V4.7 SP9 HF1), SINAMICS G130 V4.7 w. PN (All versions \u003c V4.7 HF29), SINAMICS G130 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS G150 V4.7 w. PN (All versions \u003c V4.7 HF29), SINAMICS G150 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS S110 w. PN (All versions \u003c V4.4 SP3 HF6), SINAMICS S120 prior to V4.7 w. PN (All versions \u003c V4.7), SINAMICS S120 V4.7 w. PN (All versions \u003c V4.7 HF29), SINAMICS S120 V4.7 SP1 w. PN (All versions), SINAMICS S120 V4.8 w. PN (All versions \u003c V4.8 HF5), SINAMICS S150 V4.7 w. PN (All versions \u003c V4.7 HF29), SINAMICS S150 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS V90 w. PN (All versions \u003c V1.02), SINUMERIK 840D sl (All versions), SIMATIC Compact Field Unit (All versions), SIMATIC PN/PN Coupler (All versions \u003c V4.2.0), SIMOCODE pro V PROFINET (All versions \u003c V2.1.1), SIRIUS Soft Starter 3RW44 PN (All versions), SIMOCODE pro V EIP (All versions \u003c V1.0.2). Siemens SIMATIC S7-1500 CPU, etc. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. The following products and versions are affected: Siemens SIMATIC S7-200 Smart prior to V2.03.01; SIMATIC S7-400 PN/DP V7 CPU family (SIPLUS variants); SIMATIC S7-410 V8 CPU family (SIPLUS variants); SIMATIC S7- 300 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1200 CPU family (related to SIPLUS variants); SIMATIC S7-1500 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1500 Software Controller prior to V2.0 wait", "sources": [ { "db": "NVD", "id": "CVE-2017-12741" }, { "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "db": "CNVD", "id": "CNVD-2017-36884" }, { "db": "BID", "id": "101964" }, { "db": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-103294" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-12741", "trust": 3.6 }, { "db": "BID", "id": "101964", "trust": 2.6 }, { "db": "ICS CERT", "id": "ICSA-17-339-01", "trust": 2.3 }, { "db": "SIEMENS", "id": "SSA-346262", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-546832", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-141614", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-18-128-01", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-19-099-01", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-201711-1105", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2017-36884", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-011798", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.1206", "trust": 0.6 }, { "db": "IVD", "id": "E2DF32DE-39AB-11E9-B092-000C29342CB1", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-103294", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2017-36884" }, { "db": "VULHUB", "id": "VHN-103294" }, { "db": "BID", "id": "101964" }, { "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "db": "CNNVD", "id": "CNNVD-201711-1105" }, { "db": "NVD", "id": "CVE-2017-12741" } ] }, "id": "VAR-201712-0703", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2017-36884" }, { "db": "VULHUB", "id": "VHN-103294" } ], "trust": 1.560734225135135 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 }, { "category": [ "ICS" ], "sub_category": null, "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2017-36884" } ] }, "last_update_date": "2024-11-23T22:56:02.420000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-346262", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-346262.pdf" }, { "title": "Patches for multiple Siemens product denial of service vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/109849" }, { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76771" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-36884" }, { "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "db": "CNNVD", "id": "CNNVD-201711-1105" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-400", "trust": 1.0 }, { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-19", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-103294" }, { "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "db": "NVD", "id": "CVE-2017-12741" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.9, "url": "https://www.securityfocus.com/bid/101964" }, { "trust": 2.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-339-01" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf" }, { "trust": 1.7, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-128-01" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-346262.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-141614.html" }, { "trust": 0.9, "url": "http://www.siemens.com/" }, { "trust": 0.9, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-01" }, { "trust": 0.9, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-346262.pdf" }, { "trust": 0.9, "url": "https://cert-portal.siemens.com/productcert/txt/ssa-546832.txt" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12741" }, { "trust": 0.8, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-01" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12741" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/78750" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-339-01" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-36884" }, { "db": "VULHUB", "id": "VHN-103294" }, { "db": "BID", "id": "101964" }, { "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "db": "CNNVD", "id": "CNNVD-201711-1105" }, { "db": "NVD", "id": "CVE-2017-12741" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2017-36884" }, { "db": "VULHUB", "id": "VHN-103294" }, { "db": "BID", "id": "101964" }, { "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "db": "CNNVD", "id": "CNNVD-201711-1105" }, { "db": "NVD", "id": "CVE-2017-12741" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-12-12T00:00:00", "db": "IVD", "id": "e2df32de-39ab-11e9-b092-000c29342cb1" }, { "date": "2017-12-12T00:00:00", "db": "CNVD", "id": "CNVD-2017-36884" }, { "date": "2017-12-26T00:00:00", "db": "VULHUB", "id": "VHN-103294" }, { "date": "2017-11-23T00:00:00", "db": "BID", "id": "101964" }, { "date": "2018-01-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "date": "2017-11-28T00:00:00", "db": "CNNVD", "id": "CNNVD-201711-1105" }, { "date": "2017-12-26T04:29:13.707000", "db": "NVD", "id": "CVE-2017-12741" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-12-12T00:00:00", "db": "CNVD", "id": "CNVD-2017-36884" }, { "date": "2020-08-14T00:00:00", "db": "VULHUB", "id": "VHN-103294" }, { "date": "2019-04-10T07:00:00", "db": "BID", "id": "101964" }, { "date": "2019-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-011798" }, { "date": "2022-02-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201711-1105" }, { "date": "2024-11-21T03:10:07.963000", "db": "NVD", "id": "CVE-2017-12741" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1105" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens Data processing vulnerabilities in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-011798" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1105" } ], "trust": 0.6 } }
var-202210-0428
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINUMERIK MC (All versions < V6.21), SINUMERIK ONE (All versions < V6.21). Affected products protect the built-in global private key in a way that cannot be considered sufficient any longer. The key is used for the legacy protection of confidential configuration data and the legacy PG/PC and HMI communication.
This could allow attackers to discover the private key of a CPU product family by an offline attack against a single CPU of the family. Attackers could then use this knowledge to extract confidential configuration data from projects that are protected by that key or to perform attacks against legacy PG/PC and HMI communication. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202210-0428", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1200 cpu 12 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 151511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 15pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 15prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic drive controller cpu 1504d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.9" }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.9" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 151511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5.0" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.9.2" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 151511f-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1504d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 151511c-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1510sp", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic drive controller cpu 1507d tf", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 cpu 1511-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018714" }, { "db": "NVD", "id": "CVE-2022-38465" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Tal Keren from Claroty reported this vulnerability to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202210-402" } ], "trust": 0.6 }, "cve": "CVE-2022-38465", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-38465", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.5, "id": "CVE-2022-38465", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-38465", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-38465", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2022-38465", "trust": 1.0, "value": "CRITICAL" }, { "author": "NVD", "id": "CVE-2022-38465", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202210-402", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018714" }, { "db": "CNNVD", "id": "CNNVD-202210-402" }, { "db": "NVD", "id": "CVE-2022-38465" }, { "db": "NVD", "id": "CVE-2022-38465" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SINUMERIK MC (All versions \u003c V6.21), SINUMERIK ONE (All versions \u003c V6.21). Affected products protect the built-in global private key in a way that cannot be considered sufficient any longer. The key is used for the legacy protection of confidential configuration data and the legacy PG/PC and HMI communication. \r\n\r\nThis could allow attackers to discover the private key of a CPU product family by an offline attack against a single CPU of the family. Attackers could then use this knowledge to extract confidential configuration data from projects that are protected by that key or to perform attacks against legacy PG/PC and HMI communication. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2022-38465" }, { "db": "JVNDB", "id": "JVNDB-2022-018714" } ], "trust": 1.62 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-38465", "trust": 3.2 }, { "db": "SIEMENS", "id": "SSA-568427", "trust": 2.4 }, { "db": "SIEMENS", "id": "SSA-568428", "trust": 2.4 }, { "db": "ICS CERT", "id": "ICSA-22-286-04", "trust": 1.4 }, { "db": "ICS CERT", "id": "ICSA-22-314-04", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU93762879", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU92214181", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-018714", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.5096", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202210-402", "trust": 0.6 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018714" }, { "db": "CNNVD", "id": "CNNVD-202210-402" }, { "db": "NVD", "id": "CVE-2022-38465" } ] }, "id": "VAR-202210-0428", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.5762288914285715 }, "last_update_date": "2024-08-14T12:45:48.801000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=210800" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202210-402" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-522", "trust": 1.0 }, { "problemtype": "Inadequate protection of credentials (CWE-522) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018714" }, { "db": "NVD", "id": "CVE-2022-38465" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-568427.pdf" }, { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-568428.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu92214181/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu93762879/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-38465" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-04" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-314-04" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5096" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-286-04" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-weak-encryption-via-weak-key-protection-39511" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-38465/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018714" }, { "db": "CNNVD", "id": "CNNVD-202210-402" }, { "db": "NVD", "id": "CVE-2022-38465" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "JVNDB", "id": "JVNDB-2022-018714" }, { "db": "CNNVD", "id": "CNNVD-202210-402" }, { "db": "NVD", "id": "CVE-2022-38465" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-10-23T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-018714" }, { "date": "2022-10-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202210-402" }, { "date": "2022-10-11T11:15:10.357000", "db": "NVD", "id": "CVE-2022-38465" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-10-23T02:36:00", "db": "JVNDB", "id": "JVNDB-2022-018714" }, { "date": "2023-02-15T00:00:00", "db": "CNNVD", "id": "CNNVD-202210-402" }, { "date": "2023-11-07T03:50:08.877000", "db": "NVD", "id": "CVE-2022-38465" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202210-402" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Insufficient Credential Protection Vulnerability in Multiple Siemens Products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018714" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202210-402" } ], "trust": 0.6 } }
var-202212-1311
Vulnerability from variot
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network.
A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1311", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 15prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 317-2 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1508s f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1508s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 151511f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 151511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1543sp-1 isec", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic s7-1500 cpu 15pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1543sp-1 isec tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus et 200sp cp 1542sp-1 irc tx rail", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus s7-1200 cp 1243-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1217c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 314", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "siplus s7-300 cpu 315-2 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1507s f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1200 cpu 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 cpu 1518-4 dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518-4 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1500 cpu 1507s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "siplus tim 1531 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.6.0" }, { "model": "siplus s7-300 cpu 315-2 dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0.1" }, { "model": "simatic s7-1200 cpu 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1200 cpu 1215fc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic drive controller family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1" }, { "model": "simatic s7-1200 cpu family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v4.6.0" }, { "model": "simatic s7-1500 cpu family", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.0.1" }, { "model": "siplus tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87984" }, { "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "db": "NVD", "id": "CVE-2021-44693" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gao Jian reported these vulnerabilities to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2988" } ], "trust": 0.6 }, "cve": "CVE-2021-44693", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2022-87984", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.2, "id": "CVE-2021-44693", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2021-44693", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 4.9, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2021-020593", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2021-44693", "trust": 1.0, "value": "MEDIUM" }, { "author": "nvd@nist.gov", "id": "CVE-2021-44693", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2021-020593", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2022-87984", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202212-2988", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87984" }, { "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "db": "CNNVD", "id": "CNNVD-202212-2988" }, { "db": "NVD", "id": "CVE-2021-44693" }, { "db": "NVD", "id": "CVE-2021-44693" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. \n\r\n\r\nA denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device", "sources": [ { "db": "NVD", "id": "CVE-2021-44693" }, { "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "db": "CNVD", "id": "CNVD-2022-87984" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-44693", "trust": 3.8 }, { "db": "SIEMENS", "id": "SSA-382653", "trust": 3.0 }, { "db": "ICS CERT", "id": "ICSA-22-349-03", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU91561630", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2021-020593", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-87984", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202212-2988", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87984" }, { "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "db": "CNNVD", "id": "CNNVD-202212-2988" }, { "db": "NVD", "id": "CVE-2021-44693" } ] }, "id": "VAR-202212-1311", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-87984" } ], "trust": 1.306162763125 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87984" } ] }, "last_update_date": "2024-08-14T12:27:23.319000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87984)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/372401" }, { "title": "Siemens SIMATIC Drive Controller Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245497" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87984" }, { "db": "CNNVD", "id": "CNNVD-202212-2988" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-1284", "trust": 1.0 }, { "problemtype": "Improper validation of quantity specified in input (CWE-1284) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "db": "NVD", "id": "CVE-2021-44693" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91561630/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44693" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03" }, { "trust": 0.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-382653.html" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2021-44693/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-87984" }, { "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "db": "CNNVD", "id": "CNNVD-202212-2988" }, { "db": "NVD", "id": "CVE-2021-44693" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-87984" }, { "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "db": "CNNVD", "id": "CNNVD-202212-2988" }, { "db": "NVD", "id": "CVE-2021-44693" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-16T00:00:00", "db": "CNVD", "id": "CNVD-2022-87984" }, { "date": "2023-11-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "date": "2022-12-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202212-2988" }, { "date": "2022-12-13T16:15:14.750000", "db": "NVD", "id": "CVE-2021-44693" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-16T00:00:00", "db": "CNVD", "id": "CNVD-2022-87984" }, { "date": "2023-11-29T01:33:00", "db": "JVNDB", "id": "JVNDB-2021-020593" }, { "date": "2023-07-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202212-2988" }, { "date": "2023-09-12T10:15:11.263000", "db": "NVD", "id": "CVE-2021-44693" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2988" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerability in multiple Siemens products related to improper validation of quantities specified in inputs", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-020593" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202212-2988" } ], "trust": 0.6 } }
var-201705-3221
Vulnerability from variot
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. SIMATIC HMI is an industrial device from Siemens AG, Germany. The SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions < V3.2.17), SIMATIC CP 443-1 Adv (All versions < V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions < V2.1.82), SIMATIC CP 1243-1 IRC (All versions < V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions < V2.0), SIMATIC CM 1542SP-1 (All versions < V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions < V1.0.15), SIMATIC CP 1543SP-1 (All versions < V1.0.15), SIMATIC CP 1543-1 (All versions < V2.1), SIMATIC RF650R (All versions < V3.0), SIMATIC RF680R (All versions < V3.0), SIMATIC RF685R (All versions < V3.0), SIMATIC CP 1616 (All versions < V2.7), SIMATIC CP 1604 (All versions < V2.7), SIMATIC DK-16xx PN IO (All versions < V2.7), SCALANCE X-200 (All versions < V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions < V4.1.0), SCALANCE X414 (All versions < V3.10.2), SCALANCE XM400 (All versions < V6.1), SCALANCE XR500 (All versions < V6.1), SCALANCE W700 (All versions < V6.1), SCALANCE M-800, S615 (All versions < V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions < V14 SP1), IE/PB-Link (All versions < V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions < V1.2.0), SITOP UPS1600 PROFINET (All versions < V2.2.0), SIMATIC ET 200AL (All versions < V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions < V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions < V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions < V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions < V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions < V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions < V2.3), SIMATIC S7-300 incl. F and T (All versions < V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.6), SIMATIC S7-400-H V6 (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions < V7.0.2), SIMATIC S7-410 (All versions < V8.2), SIMATIC S7-1200 incl. F (All versions < V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions < V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions < V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions < V2.0.0), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions < V1.2 HF 1), SINAMICS G110M w. PN (All versions < V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions < V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions < V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF27), and others. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Siemens SIMATIC S7-300 F, etc. Siemens SIMATIC S7-300 F is a process controller. SIMATIC HMI Comfort Panels are touch screens
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3221", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "sinumerik 840d sl", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "4.7" }, { "model": "sinumerik 840d sl", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "4.5" }, { "model": "sinumerik 828d", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "4.7" }, { "model": "sinumerik 828d", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "4.5" }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic hmi mobile panels", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic rf650r", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "dk standard ethernet controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.1.1" }, { "model": "sinamics s110 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "scalance x414", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.10.2" }, { "model": "simatic et 200sp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.2.0" }, { "model": "scalance x200 irt", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.4.0" }, { "model": "simatic cp 1243-1 dnp3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1616", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sinamics g150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cm 1542sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.15" }, { "model": "sinamics g130", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s120", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cp 1604", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sinamics s110 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "simatic s7-1200", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.2.1" }, { "model": "ek-ertec 200p pn io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.4.0" }, { "model": "ie\\/pb-link", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "simatic cm 1542-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "sirius motor starter m200d profinet", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik 840d sl", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic rf680r", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "simatic cp 1243-1 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.82" }, { "model": "sinamics dcp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.2" }, { "model": "simotion", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "simatic cp 343-1 adv", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 443-1 opc-ua", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "dk standard ethernet controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.1.1" }, { "model": "simatic teleservice adapter ie advanced modem", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic tdc cpu555", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.1" }, { "model": "simatic et 200al", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.2" }, { "model": "simatic dk-16xx pn io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sinamics g150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g110m", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic s7-300", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3.17" }, { "model": "simatic cp 1543sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.15" }, { "model": "scalance xr500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.1" }, { "model": "simatic et 200ecopn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "ek-ertec 200 pn io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.2.1" }, { "model": "softnet profinet io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "scalance m-800", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.03" }, { "model": "simatic hmi multi panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "scalance s615", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.03" }, { "model": "simatic cp 443-1 adv", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.17" }, { "model": "sinamics dcp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.2" }, { "model": "simatic teleservice adapter ie basic modem", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simotion", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "sitop psu8600", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.2.0" }, { "model": "sinumerik 840d sl", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "simatic hmi mobile panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "scalance x200", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.2.2" }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "simatic cp 343-1 std", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.3" }, { "model": "simatic cp 1243-1 iec", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et 200pro", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics g110m", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "scalance xm400", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.1" }, { "model": "scalance x408", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.1.0" }, { "model": "simatic cp 343-1 lean", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.3" }, { "model": "sirius act 3su1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.0" }, { "model": "ek-ertec 200 pn io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.2.1" }, { "model": "simatic tdc cp51m1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.8" }, { "model": "softnet profinet io", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "simatic et 200mp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0.1" }, { "model": "sinamics dcm", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.4" }, { "model": "simatic s7-200 smart", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.3" }, { "model": "simatic cp 1543-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.15" }, { "model": "scalance w700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.1" }, { "model": "simatic et 200m", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik 828d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2010" }, { "model": "simatic cp 1543sp-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "sinamics s150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic cp 1542sp-1 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0.15" }, { "model": "simatic cp 443-1 std", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.17" }, { "model": "simatic s7-400", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.0.6" }, { "model": "sirius soft starter 3rw44 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simocode pro v profinet", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0.0" }, { "model": "simatic hmi comfort panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "ups1600 profinet", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.2.0" }, { "model": "sinamics dcm", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.4" }, { "model": "simatic cp 1243-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.82" }, { "model": "ie\\/as-i link pn io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "sinamics v90 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.01" }, { "model": "scalance x300", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.1.0" }, { "model": "simatic winac rtx", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2010" }, { "model": "sinamics g130", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s120", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic rf685r", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "ek-ertec 200p pn io", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4.0" }, { "model": "sinamics s150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "simatic teleservice adapter standard modem", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "pn\\/pn coupler", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "sinumerik 828d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.5" }, { "model": "sinamics g120\\ pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.7" }, { "model": "dk standard ethernet controller", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ek-ertec 200 pn io", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ek-ertec 200p pn io", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ie/as-i link pn io", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "ie/pb-link", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "pn/pn coupler", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance m-800", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance s615", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance w700", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x200 irt", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x200", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x300", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x408", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance x414", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance xm400", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "scalance xr500", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cm 1542-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1243-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1542sp-1 irc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1542sp-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1543-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1543sp-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1604", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1616", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 adv", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 lean", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 std", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 adv", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 opc-ua", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 std", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic dk-16xx pn io", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200al", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200ecopn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200m", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200mp", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200pro", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200s", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200sp", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi multi panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic rf650r", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic rf680r", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic rf685r", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-200 smart", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-300", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-400", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie basic", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter standard modem", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simocode pro v profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simotion", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics dcm", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics dcp", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g110m", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g120 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g130", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics g150", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s110 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s120", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics s150", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics v90 w. pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinumerik 828d", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinumerik 840d sl", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sirius act 3su1 interface module profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sirius motor starter m200d profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sirius soft starter 3rw44 pn", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sitop psu8600", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sitop ups1600 profinet", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "softnet profinet io", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "for pc-based windows systems firmware" }, { "model": "simatic hmi multi panels", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics g150", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "4.8" }, { "model": "simatic hmi mobile panels", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s120", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "4.8" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s110 w. pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "sinumerik 828d", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "sinumerik 840d sl", "version": "*" }, { "model": "ups1600 profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "softnet profinet io", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sitop psu8600", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sirius soft starter 3rw44 pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sirius act 3su1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 840d", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 828d", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinamics sm150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics sm120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7.5" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7.4" }, { "model": "sinamics sl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics gm150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics gl150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics gh150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simotion", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "20100" }, { "model": "simatic teleservice adapter standard modem", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-400", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-300", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-200 smart", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf685r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf680r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf650r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic et", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2000" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "343-10" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16260" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16160" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16040" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1543-12.0.28" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1543-10" }, { "model": "simatic cp 1542sp-1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic cp irc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1243-80" }, { "model": "simatic cp lte eu/us", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1243-70" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1243-10" }, { "model": "simatic cp gprs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1242-7v20" }, { "model": "scalance xr500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "scalance xm400", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x4140" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x4084.0" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x4083.0" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x3000" }, { "model": "scalance irt", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x2000" }, { "model": "scalance", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "x2000" }, { "model": "scalance w700 series", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.4" }, { "model": "scalance w700 series", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.5.4" }, { "model": "scalance s615", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "scalance m-800", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.02" }, { "model": "scalance m-800", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "ie/as-i link pn io", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "extension unit profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "22?0" }, { "model": "extension unit profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "19?0" }, { "model": "extension unit profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15?0" }, { "model": "extension unit profinet", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12?0" }, { "model": "e/pb-link", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinumerik 840d sl", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinumerik 828d", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics sm120 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics sl150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gm150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gl150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics gh150 sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "simatic rf685r", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "simatic rf680r", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "simatic cp", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "16162.7" }, { "model": "simatic cp 1604d", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.7" }, { "model": "simatic cp irc", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1243-82.1.82" }, { "model": "simatic cp lte eu/us", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1243-72.1.82" }, { "model": "simatic cp gprs", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1242-7v22.1.82" }, { "model": "simatic rf650r", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "simatic cp", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "443-13.2.17" }, { "model": "simatic cp", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15431.2.1" }, { "model": "simatic cm1542", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1.2" }, { "model": "scalance w700", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "6.1" }, { "model": "extension unit profinet", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "22?1.1.1" }, { "model": "extension unit profinet", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "19?1.1.1" }, { "model": "extension unit profinet", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15?1.1.1" }, { "model": "extension unit profinet", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "12?1.1.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 343 1 std", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1542sp 1 irc", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1543sp 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1543 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf650r", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf680r", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf685r", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1616", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1604", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic dk 16xx pn io", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x200", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 343 1 lean", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x200 irt", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x300", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x408", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance x414", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance xm400", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance xr500", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance w700", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance m 800", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "scalance s615", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "softnet profinet io", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 343 1 adv", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ie pb link", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ie as i link pn io", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter standard modem", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie basic modem", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie advanced modem", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sitop psu8600", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ups1600 profinet", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200al", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200ecopn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200m", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 443 1 std", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200mp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200pro", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200s", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200sp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "pn pn coupler", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "dk standard ethernet controller", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ek ertec 200p pn io", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ek ertec 200 pn io", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 200 smart", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 300", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 443 1 adv", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1200", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 controller", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sirius act 3su1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sirius soft starter 3rw44 pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sirius motor starter m200d profinet", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simocode pro v profinet", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics dcm", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 443 1 opc ua", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics dcp", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g110m", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g120 c p d w pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g130", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g150", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s110 w pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s120", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s150", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics v90 w pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simotion", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1243 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi multi panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi mobile panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cm 1542 1", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp 1542sp 1", "version": null } ], "sources": [ { "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "db": "CNVD", "id": "CNVD-2017-06153" }, { "db": "BID", "id": "98369" }, { "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "db": "CNNVD", "id": "CNNVD-201705-639" }, { "db": "NVD", "id": "CVE-2017-2681" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ie%2Fpb-link_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ie%2Fas-i_link_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:pn%2Fpn_coupler_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_m-800_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_s615_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_w700_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x200irt_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x200_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x300_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x408_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_x414_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_xm400_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:scalance_xr500_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cm_1542-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1243-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543sp-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_lean_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_adv_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_std_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_std_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_opc-ua_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_dk-16xx_pn_io_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200pro_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_mobile_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_multi_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf650r_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf680r_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf685r_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-200_smart_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_s7-400_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_standard_modem_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_2010_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simocode_pro_v_profinet_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simotion_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_dcm_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_dcp_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g110m_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g120%28c%2Fp%2Fd%29_w._pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g130_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_g150_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics__s110_w._pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_s120_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_s150_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinamics_v90_w._pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinumerik_828d_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sinumerik_840d_sl_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sirius_act_3su1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sirius_motor_starter_m200d_profinet_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sirius_soft_starter_3rw44_pn_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:sitop_psu8600_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:ups1600_profinet_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:softnet_profinet_io_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-004135" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.", "sources": [ { "db": "BID", "id": "98369" } ], "trust": 0.3 }, "cve": "CVE-2017-2681", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CVE-2017-2681", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2017-06153", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "33467505-7492-4ae1-b978-12f61201709a", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "VHN-110884", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2017-2681", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2017-2681", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-2681", "trust": 1.0, "value": "MEDIUM" }, { "author": "productcert@siemens.com", "id": "CVE-2017-2681", "trust": 1.0, "value": "High" }, { "author": "NVD", "id": "CVE-2017-2681", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2017-06153", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201705-639", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-110884", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "db": "CNVD", "id": "CNVD-2017-06153" }, { "db": "VULHUB", "id": "VHN-110884" }, { "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "db": "CNNVD", "id": "CNNVD-201705-639" }, { "db": "NVD", "id": "CVE-2017-2681" }, { "db": "NVD", "id": "CVE-2017-2681" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. SIMATIC HMI is an industrial device from Siemens AG, Germany. The SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions \u003c V3.2.17), SIMATIC CP 443-1 Adv (All versions \u003c V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions \u003c V2.1.82), SIMATIC CP 1243-1 IRC (All versions \u003c V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions \u003c V2.0), SIMATIC CM 1542SP-1 (All versions \u003c V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions \u003c V1.0.15), SIMATIC CP 1543SP-1 (All versions \u003c V1.0.15), SIMATIC CP 1543-1 (All versions \u003c V2.1), SIMATIC RF650R (All versions \u003c V3.0), SIMATIC RF680R (All versions \u003c V3.0), SIMATIC RF685R (All versions \u003c V3.0), SIMATIC CP 1616 (All versions \u003c V2.7), SIMATIC CP 1604 (All versions \u003c V2.7), SIMATIC DK-16xx PN IO (All versions \u003c V2.7), SCALANCE X-200 (All versions \u003c V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions \u003c V4.1.0), SCALANCE X414 (All versions \u003c V3.10.2), SCALANCE XM400 (All versions \u003c V6.1), SCALANCE XR500 (All versions \u003c V6.1), SCALANCE W700 (All versions \u003c V6.1), SCALANCE M-800, S615 (All versions \u003c V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions \u003c V14 SP1), IE/PB-Link (All versions \u003c V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions \u003c V1.2.0), SITOP UPS1600 PROFINET (All versions \u003c V2.2.0), SIMATIC ET 200AL (All versions \u003c V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions \u003c V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions \u003c V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions \u003c V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions \u003c V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions \u003c V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions \u003c V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions \u003c V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions \u003c V2.3), SIMATIC S7-300 incl. F and T (All versions \u003c V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions \u003c V6.0.6), SIMATIC S7-400-H V6 (All versions \u003c V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions \u003c V7.0.2), SIMATIC S7-410 (All versions \u003c V8.2), SIMATIC S7-1200 incl. F (All versions \u003c V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions \u003c V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions \u003c V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions \u003c V2.0.0), SINAMICS DCM w. PN (All versions \u003c V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions \u003c V1.2 HF 1), SINAMICS G110M w. PN (All versions \u003c V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions \u003c V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions \u003c V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions \u003c V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS S110 w. PN (All versions \u003c V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions \u003c V4.7 HF27), and others. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Siemens SIMATIC S7-300 F, etc. Siemens SIMATIC S7-300 F is a process controller. SIMATIC HMI Comfort Panels are touch screens", "sources": [ { "db": "NVD", "id": "CVE-2017-2681" }, { "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "db": "CNVD", "id": "CNVD-2017-06153" }, { "db": "BID", "id": "98369" }, { "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "db": "VULHUB", "id": "VHN-110884" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-2681", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-293562", "trust": 2.6 }, { "db": "BID", "id": "98369", "trust": 2.0 }, { "db": "SECTRACK", "id": "1038463", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-17-129-02", "trust": 1.7 }, { "db": "CNVD", "id": "CNVD-2017-06153", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201705-639", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-004135", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-18-023-02", "trust": 0.3 }, { "db": "SIEMENS", "id": "SSA-284673", "trust": 0.3 }, { "db": "IVD", "id": "33467505-7492-4AE1-B978-12F61201709A", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-110884", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "db": "CNVD", "id": "CNVD-2017-06153" }, { "db": "VULHUB", "id": "VHN-110884" }, { "db": "BID", "id": "98369" }, { "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "db": "CNNVD", "id": "CNNVD-201705-639" }, { "db": "NVD", "id": "CVE-2017-2681" } ] }, "id": "VAR-201705-3221", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "db": "CNVD", "id": "CNVD-2017-06153" }, { "db": "VULHUB", "id": "VHN-110884" } ], "trust": 1.5075520524444446 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "db": "CNVD", "id": "CNVD-2017-06153" } ] }, "last_update_date": "2024-11-23T22:56:02.322000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-293562", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf" }, { "title": "Patch for Siemens SIMATIC HMI Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/93365" }, { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70109" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-06153" }, { "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "db": "CNNVD", "id": "CNNVD-201705-639" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-400", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-110884" }, { "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "db": "NVD", "id": "CVE-2017-2681" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/98369" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1038463" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-02" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2681" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2681" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-129-02" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-023-02" }, { "trust": 0.3, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-06153" }, { "db": "VULHUB", "id": "VHN-110884" }, { "db": "BID", "id": "98369" }, { "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "db": "CNNVD", "id": "CNNVD-201705-639" }, { "db": "NVD", "id": "CVE-2017-2681" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "db": "CNVD", "id": "CNVD-2017-06153" }, { "db": "VULHUB", "id": "VHN-110884" }, { "db": "BID", "id": "98369" }, { "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "db": "CNNVD", "id": "CNNVD-201705-639" }, { "db": "NVD", "id": "CVE-2017-2681" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-09T00:00:00", "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "date": "2017-05-09T00:00:00", "db": "CNVD", "id": "CNVD-2017-06153" }, { "date": "2017-05-11T00:00:00", "db": "VULHUB", "id": "VHN-110884" }, { "date": "2017-05-08T00:00:00", "db": "BID", "id": "98369" }, { "date": "2017-06-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "date": "2017-05-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201705-639" }, { "date": "2017-05-11T10:29:00.180000", "db": "NVD", "id": "CVE-2017-2681" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-09T00:00:00", "db": "CNVD", "id": "CNVD-2017-06153" }, { "date": "2020-09-29T00:00:00", "db": "VULHUB", "id": "VHN-110884" }, { "date": "2018-05-09T14:00:00", "db": "BID", "id": "98369" }, { "date": "2017-09-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-004135" }, { "date": "2022-03-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201705-639" }, { "date": "2024-11-21T03:23:57.917000", "db": "NVD", "id": "CVE-2017-2681" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201705-639" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC HMI Denial of service vulnerability", "sources": [ { "db": "IVD", "id": "33467505-7492-4ae1-b978-12f61201709a" }, { "db": "CNVD", "id": "CNVD-2017-06153" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201705-639" } ], "trust": 0.6 } }
var-202211-0343
Vulnerability from variot
The login endpoint /FormLogin in affected web services does not apply proper origin checking.
This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack. simatic s7-1500 software controller , SIMATIC S7-PLCSIM Advanced , simatic wincc runtime A cross-site request forgery vulnerability exists in multiple Siemens products.Information may be obtained. SIMATIC Drive Controllers are designed for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC PC Station is a software component for managing SIMATIC software products and interfaces on PCs. SIMATIC S7-1200 CPUs and SIMATIC S7-1500 CPUs have been designed for discrete and continuous control in industrial environments such as manufacturing, food and beverage, and the global chemical industry. SIMATIC S7-1500 Software Controller is a SIMATIC software controller for pc-based automation solutions. SIMATIC S7-300 controllers and SIMATIC S7-400 controllers have been designed for discrete and continuous control in industrial environments such as manufacturing, food and beverage, and the global chemical industry. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtual environments. SIMATIC WinAC RTX is a SIMATIC software controller for pc-based automation solutions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SINUMERIK ONE is a digitally native CNC with integrated SIMATIC S7-1500 CPU for automation. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products on which they are based
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202211-0343", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic s7-1500 cpu 15pro-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1518hf-4", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1513f-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1510sp-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1214fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517f-3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517tf-3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1513r-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1215fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1516pro-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1212c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1214 fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn\\/dp v6", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7317-2ek14-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1212fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1510sp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7154-8fb01-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1511tf-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7317-7tk10-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "6es7154-8ab01-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1518f-4", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6ag1317-2ek14-7ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "6es7315-2eh14-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1518", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6ag1314-6eh04-7ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3.19" }, { "model": "6ag1151-8fb01-2ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1516-3 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1513-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1516f-3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6ag1317-2fk14-2ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1212c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1518tf-4", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1512sp-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7151-8fb01-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "6es7318-3fl01-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1518-4 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1518-4", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1516pro f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1516-3 dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1515r-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6ag1315-2fj14-2ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1515f-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "sinumerik one", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1217c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1516t-3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1217c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7154-8fx00-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1517-3 dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "6es7318-3el01-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1511-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1211c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6ag1315-2eh14-7ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1200 cpu 1214fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1507s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 15prof-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1515-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic drive controller cpu 1504d tf", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1214c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7317-7ul10-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1512c-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn\\/dp v7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1515tf-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu cpu 1513prof-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1215fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1515t-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511c-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1507s f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7317-2fk14-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1511f-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6ag1151-8ab01-7ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1200 cpu 12 1211c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1508s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1215 fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 1215c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1215c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1516tf-3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1508s f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7314-6eh04-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3.19" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517-3 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1518t-4", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 151511f-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7151-8ab01-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic drive controller cpu 1507d tf", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1212fc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7315-2fj14-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu 1518-4 dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1512c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511t-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1512spf-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6es7315-7tj10-0ab0", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-1500 cpu cpu 1513pro-2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 151511c-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu 12 1214c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1516-3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1511c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517-3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7317-2fk14-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7154-8fb01-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6ag1151-8ab01-7ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6ag1151-8fb01-2ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc runtime", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7317-7ul10-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7151-8ab01-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7315-7tj10-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7318-3el01-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7318-3fl01-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7154-8fx00-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7154-8ab01-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7151-8fb01-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7317-2ek14-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7317-7tk10-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7315-2eh14-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7314-6eh04-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6es7315-2fj14-0ab0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic drive controller family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1200 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinumerik one", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et 200pro im154-8 pn/dp cpu", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic et 200pro im154-8f pn/dp cpu", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic et 200pro im154-8fx pn/dp cpu", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic et 200s im151-8 pn/dp cpu", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic et 200s im151-8f pn/dp cpu", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic pc station", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "2.1" }, { "model": "simatic s7-300 cpu 314c-2 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.3.19" }, { "model": "simatic s7-300 cpu pn/dp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "315-2\u003c3.2.19" }, { "model": "simatic s7-300 cpu 315f-2 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-300 cpu 315t-3 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-300 cpu pn/dp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "317-2\u003c3.2.19" }, { "model": "simatic s7-300 cpu 317f-2 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-300 cpu 317t-3 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-300 cpu 317tf-3 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-300 cpu pn/dp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "319-3\u003c3.2.19" }, { "model": "simatic s7-300 cpu 319f-3 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "simatic s7-400 pn/dp cpu family", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v6" }, { "model": "simatic s7-400 pn/dp cpu family", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7" }, { "model": "siplus et 200s im151-8 pn/dp cpu", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "siplus et 200s im151-8f pn/dp cpu", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "siplus s7-300 cpu 314c-2 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.3.19" }, { "model": "siplus s7-300 cpu pn/dp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "315-2\u003c3.2.19" }, { "model": "siplus s7-300 cpu 315f-2 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" }, { "model": "siplus s7-300 cpu pn/dp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "317-2\u003c3.2.19" }, { "model": "siplus s7-300 cpu 317f-2 pn/dp", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.2.19" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-75547" }, { "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "db": "NVD", "id": "CVE-2022-30694" } ] }, "cve": "CVE-2022-30694", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2022-75547", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2022-30694", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "exploitabilityScore": 2.1, "id": "CVE-2022-30694", "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "None", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2022-020602", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2022-30694", "trust": 1.0, "value": "MEDIUM" }, { "author": "nvd@nist.gov", "id": "CVE-2022-30694", "trust": 1.0, "value": "LOW" }, { "author": "OTHER", "id": "JVNDB-2022-020602", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2022-75547", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202211-2266", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-75547" }, { "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "db": "CNNVD", "id": "CNNVD-202211-2266" }, { "db": "NVD", "id": "CVE-2022-30694" }, { "db": "NVD", "id": "CVE-2022-30694" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The login endpoint /FormLogin in affected web services does not apply proper origin checking. \r\n\r\nThis could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack. simatic s7-1500 software controller , SIMATIC S7-PLCSIM Advanced , simatic wincc runtime A cross-site request forgery vulnerability exists in multiple Siemens products.Information may be obtained. SIMATIC Drive Controllers are designed for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC PC Station is a software component for managing SIMATIC software products and interfaces on PCs. SIMATIC S7-1200 CPUs and SIMATIC S7-1500 CPUs have been designed for discrete and continuous control in industrial environments such as manufacturing, food and beverage, and the global chemical industry. SIMATIC S7-1500 Software Controller is a SIMATIC software controller for pc-based automation solutions. SIMATIC S7-300 controllers and SIMATIC S7-400 controllers have been designed for discrete and continuous control in industrial environments such as manufacturing, food and beverage, and the global chemical industry. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtual environments. SIMATIC WinAC RTX is a SIMATIC software controller for pc-based automation solutions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SINUMERIK ONE is a digitally native CNC with integrated SIMATIC S7-1500 CPU for automation. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products on which they are based", "sources": [ { "db": "NVD", "id": "CVE-2022-30694" }, { "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "db": "CNVD", "id": "CNVD-2022-75547" }, { "db": "VULHUB", "id": "VHN-422285" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-30694", "trust": 3.9 }, { "db": "SIEMENS", "id": "SSA-478960", "trust": 3.1 }, { "db": "ICS CERT", "id": "ICSA-22-314-02", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU93762879", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-020602", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-75547", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202211-2266", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-422285", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-75547" }, { "db": "VULHUB", "id": "VHN-422285" }, { "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "db": "CNNVD", "id": "CNNVD-202211-2266" }, { "db": "NVD", "id": "CVE-2022-30694" } ] }, "id": "VAR-202211-0343", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-75547" }, { "db": "VULHUB", "id": "VHN-422285" } ], "trust": 1.473885189354839 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-75547" } ] }, "last_update_date": "2024-08-14T12:44:38.027000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Cross Site Request Forgery Vulnerability in Several Siemens Products", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/360331" }, { "title": "Siemens SIMATIC Drive Controller Fixes for cross-site request forgery vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=232927" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-75547" }, { "db": "CNNVD", "id": "CNNVD-202211-2266" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-352", "trust": 1.1 }, { "problemtype": "Cross-site request forgery (CWE-352) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-422285" }, { "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "db": "NVD", "id": "CVE-2022-30694" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478960.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu93762879/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30694" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-314-02" }, { "trust": 0.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-478960.html" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-cross-site-request-forgery-via-login-page-39863" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-30694/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-75547" }, { "db": "VULHUB", "id": "VHN-422285" }, { "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "db": "CNNVD", "id": "CNNVD-202211-2266" }, { "db": "NVD", "id": "CVE-2022-30694" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-75547" }, { "db": "VULHUB", "id": "VHN-422285" }, { "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "db": "CNNVD", "id": "CNNVD-202211-2266" }, { "db": "NVD", "id": "CVE-2022-30694" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-11-09T00:00:00", "db": "CNVD", "id": "CNVD-2022-75547" }, { "date": "2022-11-08T00:00:00", "db": "VULHUB", "id": "VHN-422285" }, { "date": "2023-11-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "date": "2022-11-08T00:00:00", "db": "CNNVD", "id": "CNNVD-202211-2266" }, { "date": "2022-11-08T11:15:10.413000", "db": "NVD", "id": "CVE-2022-30694" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-11-09T00:00:00", "db": "CNVD", "id": "CNVD-2022-75547" }, { "date": "2023-01-10T00:00:00", "db": "VULHUB", "id": "VHN-422285" }, { "date": "2023-11-02T08:05:00", "db": "JVNDB", "id": "JVNDB-2022-020602" }, { "date": "2023-04-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202211-2266" }, { "date": "2023-04-11T10:15:14.597000", "db": "NVD", "id": "CVE-2022-30694" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202211-2266" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cross-site request forgery vulnerability in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-020602" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "cross-site request forgery", "sources": [ { "db": "CNNVD", "id": "CNNVD-202211-2266" } ], "trust": 0.6 } }
cve-2019-6575
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:23:22.041Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC CP 443-1 OPC UA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd 4" } ] }, { "product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd 4" } ] }, { "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd 4" } ] }, { "product": "SIMATIC IPC DiagMonitor", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1.3" } ] }, { "product": "SIMATIC NET PC Software V13", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC NET PC Software V14", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1 Update 14" } ] }, { "product": "SIMATIC NET PC Software V15", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC RF188C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "product": "SIMATIC RF600R family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.1" } ] }, { "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.5 \u003c V2.6.1" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions between V2.5 (including) and V2.7 (excluding)" } ] }, { "product": "SIMATIC WinCC OA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.15 P018" } ] }, { "product": "SIMATIC WinCC Runtime Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd 4" } ] }, { "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0 SP1" } ] }, { "product": "SINEMA Server", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP2" } ] }, { "product": "SINUMERIK OPC UA Server", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "product": "TeleControl Server Basic", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.1.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-248", "description": "CWE-248: Uncaught Exception", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T11:16:36", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2019-6575", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC CP 443-1 OPC UA", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V2.7" } ] } }, { "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V15.1 Upd 4" } ] } }, { "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V15.1 Upd 4" } ] } }, { "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", "version": { "version_data": [ { "version_value": "All versions \u003c V15.1 Upd 4" } ] } }, { "product_name": "SIMATIC IPC DiagMonitor", "version": { "version_data": [ { "version_value": "All versions \u003c V5.1.3" } ] } }, { "product_name": "SIMATIC NET PC Software V13", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC NET PC Software V14", "version": { "version_data": [ { "version_value": "All versions \u003c V14 SP1 Update 14" } ] } }, { "product_name": "SIMATIC NET PC Software V15", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC RF188C", "version": { "version_data": [ { "version_value": "All versions \u003c V1.1.0" } ] } }, { "product_name": "SIMATIC RF600R family", "version": { "version_data": [ { "version_value": "All versions \u003c V3.2.1" } ] } }, { "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003e= V2.5 \u003c V2.6.1" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "All versions between V2.5 (including) and V2.7 (excluding)" } ] } }, { "product_name": "SIMATIC WinCC OA", "version": { "version_data": [ { "version_value": "All versions \u003c V3.15 P018" } ] } }, { "product_name": "SIMATIC WinCC Runtime Advanced", "version": { "version_data": [ { "version_value": "All versions \u003c V15.1 Upd 4" } ] } }, { "product_name": "SINEC NMS", "version": { "version_data": [ { "version_value": "All versions \u003c V1.0 SP1" } ] } }, { "product_name": "SINEMA Server", "version": { "version_data": [ { "version_value": "All versions \u003c V14 SP2" } ] } }, { "product_name": "SINUMERIK OPC UA Server", "version": { "version_data": [ { "version_value": "All versions \u003c V2.1" } ] } }, { "product_name": "TeleControl Server Basic", "version": { "version_data": [ { "version_value": "All versions \u003c V3.1.1" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-248: Uncaught Exception" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-6575", "datePublished": "2019-04-17T13:40:24", "dateReserved": "2019-01-22T00:00:00", "dateUpdated": "2024-08-04T20:23:22.041Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-28397
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf | x_refsource_MISC |
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Drive Controller family |
Version: All versions < V2.9.2 |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T16:33:59.119Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC Drive Controller family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.9.2" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V21.9" } ] }, { "product": "SIMATIC S7 PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e V2 \u003c V4" } ] }, { "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "Version V4.4" } ] }, { "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e V2.5 \u003c V2.9.2" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e V2.5 \u003c V21.9" } ] }, { "product": "TIM 1531 IRC (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "Version V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7 PLCSIM Advanced (All versions \u003e V2 \u003c V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e V2.5 \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003e V2.5 \u003c V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-09-14T10:47:15", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2020-28397", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC Drive Controller family", "version": { "version_data": [ { "version_value": "All versions \u003c V2.9.2" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V21.9" } ] } }, { "product_name": "SIMATIC S7 PLCSIM Advanced", "version": { "version_data": [ { "version_value": "All versions \u003e V2 \u003c V4" } ] } }, { "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "Version V4.4" } ] } }, { "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003e V2.5 \u003c V2.9.2" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "All versions \u003e V2.5 \u003c V21.9" } ] } }, { "product_name": "TIM 1531 IRC (incl. SIPLUS NET variants)", "version": { "version_data": [ { "version_value": "Version V2.1" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7 PLCSIM Advanced (All versions \u003e V2 \u003c V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e V2.5 \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003e V2.5 \u003c V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-863: Incorrect Authorization" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2020-28397", "datePublished": "2021-08-10T10:35:23", "dateReserved": "2020-11-10T00:00:00", "dateUpdated": "2024-08-04T16:33:59.119Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-12741
Vulnerability from cvelistv5
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
▼ | URL | Tags |
---|---|---|
https://www.securityfocus.com/bid/101964 | vdb-entry, x_refsource_BID | |
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/html/ssa-346262.html | ||
https://cert-portal.siemens.com/productcert/html/ssa-546832.html | ||
https://cert-portal.siemens.com/productcert/html/ssa-141614.html |
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: All versions < V4.1.1 Patch 05 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:51:06.315Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "101964", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "https://www.securityfocus.com/bid/101964" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-346262.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-141614.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.1.1 Patch 05" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Compact Field Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200AL IM 157-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V1.0.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200M (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN BA", "vendor": "Siemens", "versions": [ { "lessThan": "V4.0.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-3 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-4 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HS", "vendor": "Siemens", "versions": [ { "lessThan": "V4.0.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN: IO-Link Master", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200S (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.2.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-200 SMART", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.03.01" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.X.16", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 H V6\u00a0and below\u00a0CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V6.0.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V6.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V8.2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CP51M1", "vendor": "Siemens", "versions": [ { "lessThan": "V1.1.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CPU555", "vendor": "Siemens", "versions": [ { "lessThan": "V1.1.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.1" } ] }, { "defaultStatus": "unknown", "product": "SIMOTION C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 HF1" } ] }, { "defaultStatus": "unknown", "product": "SIMOTION D", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 HF1" } ] }, { "defaultStatus": "unknown", "product": "SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4 HF26" } ] }, { "defaultStatus": "unknown", "product": "SIMOTION P V4.4 and V4.5", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5 HF5" } ] }, { "defaultStatus": "unknown", "product": "SIMOTION P V5", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS DCM w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.4 SP1 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS DCP w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.2 HF2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G110M w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP9 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP9 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF29" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF29" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GH150 V4.7 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP5 HF7" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GL150 V4.7 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GM150 V4.7 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF31" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S110 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4 SP3 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF29" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF5" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF29" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7.0 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF30" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7.4 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7.5 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM120 V4.7 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS V90 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.02" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 840D sl", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIRIUS Soft Starter 3RW44 PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-09T12:03:53.948Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "name": "101964", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "https://www.securityfocus.com/bid/101964" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-346262.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-141614.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2017-12741", "datePublished": "2017-12-26T04:00:00", "dateReserved": "2017-08-09T00:00:00", "dateUpdated": "2024-08-05T18:51:06.315Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2680
Vulnerability from cvelistv5
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1038463 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/98369 | vdb-entry, x_refsource_BID | |
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf | x_refsource_CONFIRM | |
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02 | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf | x_refsource_CONFIRM | |
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/html/ssa-293562.html | ||
https://cert-portal.siemens.com/productcert/html/ssa-284673.html | ||
https://cert-portal.siemens.com/productcert/html/ssa-546832.html |
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: All versions < V4.1.1 Patch04 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2017-2680", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T13:26:04.237652Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T13:26:15.327Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-05T14:02:07.270Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1038463", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038463" }, { "name": "98369", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98369" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.1.1 Patch04" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.2.1 Patch03" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4.0 Patch01" } ] }, { "defaultStatus": "unknown", "product": "Extension Unit 12\" PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V01.01.01" } ] }, { "defaultStatus": "unknown", "product": "Extension Unit 15\" PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V01.01.01" } ] }, { "defaultStatus": "unknown", "product": "Extension Unit 19\" PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V01.01.01" } ] }, { "defaultStatus": "unknown", "product": "Extension Unit 22\" PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V01.01.01" } ] }, { "defaultStatus": "unknown", "product": "IE/AS-i Link PN IO", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "IE/PB-Link (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.03" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE W-700 IEEE 802.11n family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.1" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X-200 family (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.2.2" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X-200IRT family (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.4.0" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.1.0" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X408 family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.1.0" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X414", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.10.2" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XM-400 family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.1" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR-500 family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CM 1542-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CM 1542SP-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0.15" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.82" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.82" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-7 LTE US", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.82" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-8 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.82" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-8 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.82" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0.15" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1543-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0.15" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1604", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1616", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1626", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.1.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.1.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 OPC UA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC DK-16xx PN IO", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200AL IM 157-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V1.0.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200M (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN BA", "vendor": "Siemens", "versions": [ { "lessThan": "V4.0.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-3 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-4 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HS", "vendor": "Siemens", "versions": [ { "lessThan": "V4.0.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN: IO-Link Master", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200S (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV420 SR-B", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV420 SR-B Body", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV420 SR-P", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV420 SR-P Body", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV440 HR", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV440 SR", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV440 UR", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF650R", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF680R", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF685R", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-200 SMART", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.X.14", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V6.0.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V6.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V8.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CP51M1", "vendor": "Siemens", "versions": [ { "lessThan": "V1.1.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CPU555", "vendor": "Siemens", "versions": [ { "lessThan": "V1.1.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Basic", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Standard", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0.0" } ] }, { "defaultStatus": "unknown", "product": "SIMOTION", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5 HF1" } ] }, { "defaultStatus": "unknown", "product": "SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4 HF26" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS DCM w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.4 SP1 HF5" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS DCP w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.2 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G110M w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP6 HF3" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP6 HF3" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF27" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "V4.7: All versions \u003c V4.7 HF27" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GH150 V4.7 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP5 HF7" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GL150 V4.7 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GM150 V4.7 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF31" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S110 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4 SP3 HF5" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF27" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF27" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7.0 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF30" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7.4 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7.5 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM120 V4.7 w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS V90 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.01" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 828D V4.5 and prior", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5 SP6 HF2" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 828D V4.7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP4 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 840D sl V4.5 and prior", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5 SP6 HF2" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 840D sl V4.7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP4 HF1" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIRIUS ACT 3SU1 interface module PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIRIUS Motor Starter M200D PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIRIUS Soft Starter 3RW44 PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SITOP PSU8600 PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.2.0" } ] }, { "defaultStatus": "unknown", "product": "SITOP UPS1600 PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.2.0" } ] }, { "defaultStatus": "unknown", "product": "Softnet PROFINET IO for PC-based Windows systems", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1" } ] } ], "descriptions": [ { "lang": "en", "value": "Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-10T09:33:18.492Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "name": "1038463", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038463" }, { "name": "98369", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98369" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2017-2680", "datePublished": "2017-05-11T01:00:00", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2024-09-10T09:33:18.492Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-37205
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Drive Controller family |
Version: All versions >= V2.9.2 < V2.9.4 |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:16:03.897Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.9.2 \u003c V2.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V21.9 \u003c V21.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.5.0 \u003c V4.5.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.9.2 \u003c V2.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V21.9 \u003c V21.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.0 \u003c V4.0 SP1" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS TIM 1531 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3.6" } ] }, { "defaultStatus": "unknown", "product": "TIM 1531 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3.6" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-401", "description": "CWE-401: Missing Release of Memory after Effective Lifetime", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-11T09:01:55.468Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-37205", "datePublished": "2022-02-09T15:16:57", "dateReserved": "2021-07-21T00:00:00", "dateUpdated": "2024-08-04T01:16:03.897Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-37185
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Drive Controller family |
Version: All versions >= V2.9.2 < V2.9.4 |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:16:03.183Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.9.2 \u003c V2.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V21.9 \u003c V21.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.5.0 \u003c V4.5.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.9.2 \u003c V2.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V21.9 \u003c V21.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.0 \u003c V4.0 SP1" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS TIM 1531 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3.6" } ] }, { "defaultStatus": "unknown", "product": "TIM 1531 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3.6" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-672", "description": "CWE-672: Operation on a Resource after Expiration or Release", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-11T09:01:53.394Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-37185", "datePublished": "2022-02-09T15:16:44", "dateReserved": "2021-07-21T00:00:00", "dateUpdated": "2024-08-04T01:16:03.183Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-10929
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | x_refsource_MISC | |
https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | x_refsource_MISC |
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC CP 1626 |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:40:15.230Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC CP 1626", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V20.8" } ] }, { "product": "SIMATIC HMI Panel (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC NET PC Software V14", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1 Update 14" } ] }, { "product": "SIMATIC NET PC Software V15", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4.0" } ] }, { "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.8.1" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V20.8" } ] }, { "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "product": "SIMATIC STEP 7 (TIA Portal)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16" } ] }, { "product": "SIMATIC WinCC (TIA Portal)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16" } ] }, { "product": "SIMATIC WinCC OA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.16 P013" } ] }, { "product": "SIMATIC WinCC Runtime Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16" } ] }, { "product": "SIMATIC WinCC Runtime Professional", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16" } ] }, { "product": "TIM 1531 IRC (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-327", "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T11:16:07", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2019-10929", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC CP 1626", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V20.8" } ] } }, { "product_name": "SIMATIC HMI Panel (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC NET PC Software V14", "version": { "version_data": [ { "version_value": "All versions \u003c V14 SP1 Update 14" } ] } }, { "product_name": "SIMATIC NET PC Software V15", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V4.4.0" } ] } }, { "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V2.8.1" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "All versions \u003c V20.8" } ] } }, { "product_name": "SIMATIC S7-PLCSIM Advanced", "version": { "version_data": [ { "version_value": "All versions \u003c V3.0" } ] } }, { "product_name": "SIMATIC STEP 7 (TIA Portal)", "version": { "version_data": [ { "version_value": "All versions \u003c V16" } ] } }, { "product_name": "SIMATIC WinCC (TIA Portal)", "version": { "version_data": [ { "version_value": "All versions \u003c V16" } ] } }, { "product_name": "SIMATIC WinCC OA", "version": { "version_data": [ { "version_value": "All versions \u003c V3.16 P013" } ] } }, { "product_name": "SIMATIC WinCC Runtime Advanced", "version": { "version_data": [ { "version_value": "All versions \u003c V16" } ] } }, { "product_name": "SIMATIC WinCC Runtime Professional", "version": { "version_data": [ { "version_value": "All versions \u003c V16" } ] } }, { "product_name": "TIM 1531 IRC (incl. SIPLUS NET variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V2.1" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf" }, { "name": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", "refsource": "MISC", "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-10929", "datePublished": "2019-08-13T18:55:57", "dateReserved": "2019-04-08T00:00:00", "dateUpdated": "2024-08-04T22:40:15.230Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-15782
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf | x_refsource_MISC |
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Drive Controller family |
Version: All versions < V2.9.2 |
||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:22:30.758Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC Drive Controller family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.9.2" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V21.9" } ] }, { "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5.0" } ] }, { "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.9.2" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V21.9" } ] }, { "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.0" } ] }, { "product": "SINAMICS PERFECT HARMONY GH180 Drives", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "Drives manufactured before 2021-08-13" } ] }, { "product": "SINUMERIK MC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.15" } ] }, { "product": "SINUMERIK ONE", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.15" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions \u003c V6.15), SINUMERIK ONE (All versions \u003c V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-09-14T10:47:06", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2020-15782", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC Drive Controller family", "version": { "version_data": [ { "version_value": "All versions \u003c V2.9.2" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V21.9" } ] } }, { "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V4.5.0" } ] } }, { "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V2.9.2" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "All versions \u003c V21.9" } ] } }, { "product_name": "SIMATIC S7-PLCSIM Advanced", "version": { "version_data": [ { "version_value": "All versions \u003c V4.0" } ] } }, { "product_name": "SINAMICS PERFECT HARMONY GH180 Drives", "version": { "version_data": [ { "version_value": "Drives manufactured before 2021-08-13" } ] } }, { "product_name": "SINUMERIK MC", "version": { "version_data": [ { "version_value": "All versions \u003c V6.15" } ] } }, { "product_name": "SINUMERIK ONE", "version": { "version_data": [ { "version_value": "All versions \u003c V6.15" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions \u003c V6.15), SINUMERIK ONE (All versions \u003c V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2020-15782", "datePublished": "2021-05-28T16:10:10", "dateReserved": "2020-07-15T00:00:00", "dateUpdated": "2024-08-04T13:22:30.758Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-7580
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Automation Tool |
Version: All versions < V4 SP2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:33:19.492Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf" }, { "tags": [ "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC Automation Tool", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4 SP2" } ] }, { "product": "SIMATIC NET PC Software V14", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1 Update 14" } ] }, { "product": "SIMATIC NET PC Software V15", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC NET PC Software V16", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16 Upd3" } ] }, { "product": "SIMATIC PCS neo", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0 SP1" } ] }, { "product": "SIMATIC ProSave", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V17" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V21.8" } ] }, { "product": "SIMATIC STEP 7 (TIA Portal) V13", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V13 SP2 Update 4" } ] }, { "product": "SIMATIC STEP 7 (TIA Portal) V14", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1 Update 10" } ] }, { "product": "SIMATIC STEP 7 (TIA Portal) V15", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Update 5" } ] }, { "product": "SIMATIC STEP 7 (TIA Portal) V16", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16 Update 2" } ] }, { "product": "SIMATIC STEP 7 V5", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.6 SP2 HF3" } ] }, { "product": "SIMATIC WinCC OA V3.16", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.16 P018" } ] }, { "product": "SIMATIC WinCC OA V3.17", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.17 P003" } ] }, { "product": "SIMATIC WinCC Runtime Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16 Update 2" } ] }, { "product": "SIMATIC WinCC Runtime Professional V13", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V13 SP2 Update 4" } ] }, { "product": "SIMATIC WinCC Runtime Professional V14", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1 Update 10" } ] }, { "product": "SIMATIC WinCC Runtime Professional V15", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Update 5" } ] }, { "product": "SIMATIC WinCC Runtime Professional V16", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16 Update 2" } ] }, { "product": "SIMATIC WinCC V7.4", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.4 SP1 Update 14" } ] }, { "product": "SIMATIC WinCC V7.5", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.5 SP1 Update 3" } ] }, { "product": "SINAMICS STARTER", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All Versions \u003c V5.4 HF2" } ] }, { "product": "SINAMICS Startdrive", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All Versions \u003c V16 Update 3" } ] }, { "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0 SP2" } ] }, { "product": "SINEMA Server", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP3" } ] }, { "product": "SINUMERIK ONE virtual", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All Versions \u003c V6.14" } ] }, { "product": "SINUMERIK Operate", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All Versions \u003c V6.14" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-428", "description": "CWE-428: Unquoted Search Path or Element", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-13T00:00:00", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf" }, { "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2020-7580", "datePublished": "2020-06-10T00:00:00", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-08-04T09:33:19.492Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-4843
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC S7-400 CPU 414-3 PN/DP V7 |
Version: All versions < V7.0.3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:18:26.626Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": " SIMATIC S7-400 CPU 414-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.0.3" } ] }, { "defaultStatus": "unknown", "product": " SIMATIC S7-400 CPU 414F-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.0.3" } ] }, { "defaultStatus": "unknown", "product": " SIMATIC S7-400 CPU 416-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.0.3" } ] }, { "defaultStatus": "unknown", "product": " SIMATIC S7-400 CPU 416F-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.0.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.7.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.7.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319F-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 CPU 412-2 PN V7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.0.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.0.9" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.0.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V8.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 828D", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP6 HF1" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET CP 443-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-400 CPU 414-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.0.3" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-400 CPU 416-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.0.3" } ] }, { "defaultStatus": "unknown", "product": "Softnet PROFINET IO for PC-based Windows systems", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (All versions \u003c V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V1.7.0), SIMATIC S7-1500 Software Controller (All versions \u003c V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions \u003c V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions \u003c V8.1), SIMATIC WinAC RTX 2010 (All versions \u003c V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions \u003c V2010 SP3), SINUMERIK 828D (All versions \u003c V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.2.16), SIPLUS NET CP 443-1 (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (All versions \u003c V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions \u003c V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions \u003c V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system.\r\n\r\nThe security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:50:59.460Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2018-4843", "datePublished": "2018-03-20T14:00:00", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2024-08-05T05:18:26.626Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-46156
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Drive Controller CPU 1504D TF |
Version: 0 < V3.1.0 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:37:39.979Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592380.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-280603.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller CPU 1504D TF", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller CPU 1507D TF", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V30.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511T-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511T-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511TF-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1511TF-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512C-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513R-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1513R-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1514SP F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1514SP-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1514SPT F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1514SPT-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515R-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515R-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515T-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515T-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515TF-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1515TF-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516T-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517H-3 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517T-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518HF-4 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518T-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "lessThan": "V30.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "lessThan": "V6.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK MC", "vendor": "Siemens", "versions": [ { "lessThan": "V1.24", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK ONE", "vendor": "Siemens", "versions": [ { "lessThan": "V6.24", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1511F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1513F-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515F-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515R-2 PN", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1517H-3 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1518F-4 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-1500 CPU 1518HF-4 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Affected devices improperly handle specially crafted packets sent to port 102/tcp.\r\nThis could allow an attacker to create a denial of service condition. A restart is needed to restore\r\nnormal operations." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-10T09:36:13.764Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592380.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-280603.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-46156", "datePublished": "2023-12-12T11:27:10.086Z", "dateReserved": "2023-10-17T15:26:40.643Z", "dateUpdated": "2024-09-10T09:36:13.764Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-19300
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T02:16:46.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-593272.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "KTK ATE530S", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIDOOR ATD430W", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIDOOR ATE530S COATED", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIDOOR ATE531S", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200AL IM 157-1 PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-8FX PN/DP CPU", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM 151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM 151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 MF HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN/2 HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN/3 HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L", "vendor": "Siemens", "versions": [ { "lessThan": "V5.1.2", "status": "affected", "version": "V5.1.1", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V5.1.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V5.1.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V5.1.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, DI 16x24VDC, M12-L", "vendor": "Siemens", "versions": [ { "lessThan": "V5.1.2", "status": "affected", "version": "V5.1.1", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, DI 8x24VDC, M12-L", "vendor": "Siemens", "versions": [ { "lessThan": "V5.1.2", "status": "affected", "version": "V5.1.1", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L", "vendor": "Siemens", "versions": [ { "lessThan": "V5.1.3", "status": "affected", "version": "V5.1.1", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L", "vendor": "Siemens", "versions": [ { "lessThan": "V5.1.2", "status": "affected", "version": "V5.1.1", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L", "vendor": "Siemens", "versions": [ { "lessThan": "V5.1.2", "status": "affected", "version": "V5.1.1", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MICRO-DRIVE PDC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PN/MF Coupler", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PN/PN Coupler", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315T-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317T-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319F-3 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 H V6\u00a0and below\u00a0CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CP51M1", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CPU555", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S/G Control Unit w. PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM 151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM 151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "V4.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET PN/PN Coupler", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.2" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants), SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC MICRO-DRIVE PDC, SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6\u00a0and below\u00a0CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS S/G Control Unit w. PROFINET, SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0), SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-4CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU00-1CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-09T12:03:59.957Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-593272.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-19300", "datePublished": "2020-04-14T00:00:00", "dateReserved": "2019-11-26T00:00:00", "dateUpdated": "2024-08-05T02:16:46.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-2681
Vulnerability from cvelistv5
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1038463 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/98369 | vdb-entry, x_refsource_BID | |
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/html/ssa-293562.html |
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: All versions < V4.1.1 Patch04 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2017-2681", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-23T20:22:19.045364Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-23T20:22:26.181Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-05T14:02:07.386Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1038463", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038463" }, { "name": "98369", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98369" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.1.1 Patch04" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.2.1 Patch03" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4.0 Patch01" } ] }, { "defaultStatus": "unknown", "product": "IE/AS-i Link PN IO", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "IE/PB-Link (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.03" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE W-700 IEEE 802.11n family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.1" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X-200 family (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.2.2" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X-200IRT family (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.4.0" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.1.0" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X408 family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.1.0" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE X414", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.10.2" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XM-400 family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.1" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR-500 family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CM 1542-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CM 1542SP-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0.15" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.82" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1243-8 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.82" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0.15" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1543-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0.15" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1604", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1616", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.1.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.1.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 OPC UA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC DK-16xx PN IO", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200AL IM 157-1 PN", "vendor": "Siemens", "versions": [ { "lessThan": "V1.0.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200M (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN BA", "vendor": "Siemens", "versions": [ { "lessThan": "V4.0.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-3 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-4 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HS", "vendor": "Siemens", "versions": [ { "lessThan": "V4.0.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN: IO-Link Master", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200S (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV420 SR-B", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV420 SR-B Body", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV420 SR-P", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV420 SR-P Body", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV440 HR", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV440 SR", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC MV440 UR", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF650R", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF680R", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF685R", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-200 SMART", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.X.14", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V6.0.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V6.0.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V8.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CP51M1", "vendor": "Siemens", "versions": [ { "lessThan": "V1.1.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CPU555", "vendor": "Siemens", "versions": [ { "lessThan": "V1.1.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Basic", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Standard", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0.0" } ] }, { "defaultStatus": "unknown", "product": "SIMOTION", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS DCM w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.4 SP1 HF5" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS DCP w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.2 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G110M w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP6 HF3" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP6 HF3" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF27" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "V4.7: All versions \u003c V4.7 HF27" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S110 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4 SP3 HF5" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF27" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.7 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF27" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.8 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS V90 w. PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.01" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 828D V4.5 and prior", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5 SP6 HF2" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 828D V4.7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP4 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 840D sl V4.5 and prior", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5 SP6 HF2" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 840D sl V4.7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP4 HF1" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIRIUS ACT 3SU1 interface module PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIRIUS Motor Starter M200D PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIRIUS Soft Starter 3RW44 PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SITOP PSU8600 PROFINET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.2.0" } ] }, { "defaultStatus": "unknown", "product": "SITOP UPS1600 PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.2.0" } ] }, { "defaultStatus": "unknown", "product": "Softnet PROFINET IO for PC-based Windows systems", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1" } ] } ], "descriptions": [ { "lang": "en", "value": "Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-10T09:33:20.658Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "name": "1038463", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038463" }, { "name": "98369", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98369" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2017-2681", "datePublished": "2017-05-11T10:00:00", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2024-09-10T09:33:20.658Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-15796
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf | x_refsource_MISC |
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) |
Version: V20.8 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:30:21.823Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC ET 200SP Open Controller (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "V20.8" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "V20.8" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-248", "description": "CWE-248: Uncaught Exception", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-12-14T21:05:18", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2020-15796", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC ET 200SP Open Controller (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "V20.8" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "V20.8" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-248: Uncaught Exception" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2020-15796", "datePublished": "2020-12-14T21:05:18", "dateReserved": "2020-07-15T00:00:00", "dateUpdated": "2024-08-04T13:30:21.823Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-10936
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: 0 < * |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dk_standard_ethernet_controller_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ek-ertec_200_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ek-ertec_200_firmware", "vendor": "siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ek-ertec_200p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ek-ertec_200p_firmware", "vendor": "siemens", "versions": [ { "lessThan": "4.6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_cfu_pa:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_cfu_pa", "vendor": "siemens", "versions": [ { "lessThan": "v1.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_et200ecopn_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_et200ecopn_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_et200s_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_et200s_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_et_200al_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_et_200al_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_et_200m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_et_200m_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_et_200mp_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_et_200mp_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v4.3.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_et_200pro_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_et_200pro_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_et_200s_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_et_200s_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v3.2.17", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_et_200sp_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_et_200sp_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_hmi_comfort_outdoor_panels", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_pn\\/pn_coupler_6es7158-3ad01-0xa0:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_pn\\/pn_coupler_6es7158-3ad01-0xa0", "vendor": "siemens", "versions": [ { "lessThan": "v4.2.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_profinet_driver", "vendor": "siemens", "versions": [ { "lessThan": "v2.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-300_cpu_314_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-300_cpu_314_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v3.2.17", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_dp_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-300_cpu_315-2_dp_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v3.2.17", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-300_cpu_315f-2_dp_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-300_cpu_315f-2_dp_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v3.2.17", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_dp_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-300_cpu_317-2_dp_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v3.2.17", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_pn\\/dp_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-300_cpu_317-2_pn\\/dp_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v3.2.17", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-300_cpu_319-3_pn\\/dp_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-300_cpu_319-3_pn\\/dp_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v3.2.17", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_s7-400_cpu_412-2_pn:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-400_cpu_412-2_pn", "vendor": "siemens", "versions": [ { "lessThan": "v7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_s7-400_cpu_414-3_pn\\/dp:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-400_cpu_414-3_pn\\/dp", "vendor": "siemens", "versions": [ { "lessThan": "v7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_s7-400_cpu_416-3_pn\\/dp:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-400_cpu_416-3_pn\\/dp", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "v7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-400_h_v6_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-400_h_v6_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "v6.0.9", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-400_pn\\/dp_v6_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-400_pn\\/dp_v6_firmware", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_s7-410_cpu_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-410_cpu_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v8.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_s7-1200_cpu:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-1200_cpu", "vendor": "siemens", "versions": [ { "lessThan": "v4.4.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_s7-1500_cpu:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-1500_cpu", "vendor": "siemens", "versions": [ { "lessThan": "v2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_s7-1500_controller:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_s7-1500_controller", "vendor": "siemens", "versions": [ { "lessThan": "v2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_tdc_cp51m1_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_tdc_cp51m1_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v1.1.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:simatic_tdc_cpu555_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_tdc_cpu555_firmware", "vendor": "siemens", "versions": [ { "lessThan": "v1.1.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_winac_rtx_2010", "vendor": "siemens", "versions": [ { "lessThan": "v2010_sp3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:simatic_winac_rtx_\\(f\\)_2010:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "simatic_winac_rtx_\\(f\\)_2010", "vendor": "siemens", "versions": [ { "lessThan": "v2010_sp3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_dcm", "vendor": "siemens", "versions": [ { "lessThan": "v1.5_hf1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_dcp", "vendor": "siemens", "versions": [ { "lessThan": "v1.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_g110m", "vendor": "siemens", "versions": [ { "lessThan": "v4.7_sp10_hf5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_g120:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_g120", "vendor": "siemens", "versions": [ { "lessThan": "v4.7_sp10_hf5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_g130", "vendor": "siemens", "versions": [ { "lessThan": "v4.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_g150", "vendor": "siemens", "versions": [ { "lessThan": "v4.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_gh150", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_gl150", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_gm150", "vendor": "siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_s110:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_s110", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_s120", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_sl150", "vendor": "siemens", "versions": [ { "lessThan": "v4.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_sl150", "vendor": "siemens", "versions": [ { "lessThan": "v4.7_hf33", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinamics_sm120", "vendor": "siemens", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinumerik_828d", "vendor": "siemens", "versions": [ { "lessThan": "v4.8_sp5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sinumerik_840d_sl", "vendor": "siemens", "versions": [ { "lessThan": "v4.8_sp6", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:siemens:siplus_s7-300_cpu_314:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "siplus_s7-300_cpu_314", "vendor": "siemens", "versions": [ { "lessThan": "v3.3.17", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2019-10936", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T14:36:59.481395Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T15:59:12.602Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T22:40:15.253Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-473245.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.6 Patch 01" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CFU PA", "vendor": "Siemens", "versions": [ { "lessThan": "V1.2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200AL IM 157-1 PN", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200M (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN BA", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.4.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-3 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-4 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM 154-8FX PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM 151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM 151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN HS", "vendor": "Siemens", "versions": [ { "lessThan": "V4.0.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN/2 HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP IM 155-6 PN/3 HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V2.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200ecoPN: IO-Link Master", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET200S (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI Comfort Outdoor Panels (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI KTP Mobile Panels", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PN/PN Coupler", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC PROFINET Driver", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319F-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 CPU 412-2 PN V7", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 CPU 414-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 CPU 414F-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 CPU 416-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 CPU 416F-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "V6.0.9", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V8.2.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CP51M1", "vendor": "Siemens", "versions": [ { "lessThan": "V1.1.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC TDC CPU555", "vendor": "Siemens", "versions": [ { "lessThan": "V1.1.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS DCM", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.5 HF1" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS DCP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.3" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G110M V4.7 PN Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP10 HF5" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 SP10 HF5" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c 4.8" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c 4.8" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GH150 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GL150 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GM150 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S110 Control Unit", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c 4.8" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF33" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM120 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 828D", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP5" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK 840D sl", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP6" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.4.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.4.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.4.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM 151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM 151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN HF TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "V4.2.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET PN/PN Coupler", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.2.1" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-400 CPU 414-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-400 CPU 416-3 PN/DP V7", "vendor": "Siemens", "versions": [ { "lessThan": "V7.0.3", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Affected devices improperly handle large amounts of specially crafted UDP packets.\r\n\r\nThis could allow an unauthenticated remote attacker to trigger a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-09T12:03:55.957Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-473245.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-10936", "datePublished": "2019-10-10T00:00:00", "dateReserved": "2019-04-08T00:00:00", "dateUpdated": "2024-08-04T22:40:15.253Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-37204
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Drive Controller family |
Version: All versions < V2.9.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:16:03.812Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.9.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.9.2 \u003c V2.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V21.9" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V21.9 \u003c V21.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.5.0 \u003c V4.5.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.9.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.9.2 \u003c V2.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V21.9" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V21.9 \u003c V21.9.4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.0 \u003c V4.0 SP1" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS TIM 1531 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3.6" } ] }, { "defaultStatus": "unknown", "product": "TIM 1531 IRC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3.6" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-672", "description": "CWE-672: Operation on a Resource after Expiration or Release", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-11T09:01:54.435Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-37204", "datePublished": "2022-02-09T15:16:56", "dateReserved": "2021-07-21T00:00:00", "dateUpdated": "2024-08-04T01:16:03.812Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38465
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Drive Controller family |
Version: All versions < V2.9.2 |
||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:54:03.739Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-568427.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-568428.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC Drive Controller family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.9.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V21.9" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.5.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.9.2" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V21.9" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.0" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK MC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.21" } ] }, { "defaultStatus": "unknown", "product": "SINUMERIK ONE", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.21" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SINUMERIK MC (All versions \u003c V6.21), SINUMERIK ONE (All versions \u003c V6.21). Affected products protect the built-in global private key in a way that cannot be considered sufficient any longer. The key is used for the legacy protection of confidential configuration data and the legacy PG/PC and HMI communication.\r\n\r\nThis could allow attackers to discover the private key of a CPU product family by an offline attack against a single CPU of the family. Attackers could then use this knowledge to extract confidential configuration data from projects that are protected by that key or to perform attacks against legacy PG/PC and HMI communication." } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-522", "description": "CWE-522: Insufficiently Protected Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-15T09:24:47.442Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-568427.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-568428.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2022-38465", "datePublished": "2022-10-11T00:00:00", "dateReserved": "2022-08-19T00:00:00", "dateUpdated": "2024-08-03T10:54:03.739Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-10943
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | x_refsource_MISC |
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC Drive Controller family |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:40:15.602Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC Drive Controller family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V20.8" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V20.8" } ] }, { "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4.0" } ] }, { "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V4.4.0" } ] }, { "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.8.1" } ] }, { "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.8.1" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V20.8" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V20.8" } ] }, { "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V3.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-1500 Software Controller (All versions \u003e= V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V3.0). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-353", "description": "CWE-353: Missing Support for Integrity Check", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T11:16:23", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2019-10943", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC Drive Controller family", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V20.8" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003e= V20.8" } ] } }, { "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V4.4.0" } ] } }, { "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003e= V4.4.0" } ] } }, { "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V2.8.1" } ] } }, { "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003e= V2.8.1" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "All versions \u003c V20.8" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "All versions \u003e= V20.8" } ] } }, { "product_name": "SIMATIC S7-PLCSIM Advanced", "version": { "version_data": [ { "version_value": "All versions \u003c V3.0" } ] } }, { "product_name": "SIMATIC S7-PLCSIM Advanced", "version": { "version_data": [ { "version_value": "All versions \u003e= V3.0" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-1500 Software Controller (All versions \u003e= V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V3.0). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-353: Missing Support for Integrity Check" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-10943", "datePublished": "2019-08-13T18:55:57", "dateReserved": "2019-04-08T00:00:00", "dateUpdated": "2024-08-04T22:40:15.602Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-6568
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC CP 1604 |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:23:22.207Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC CP 1604", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1616", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 OPC UA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.6" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC IPC DiagMonitor", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF182C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF185C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF186C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF188C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF600R family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RFID 181EIP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.6.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319F-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0 SP1 UPD1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Basic", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Standard", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd4" } ] }, { "defaultStatus": "unknown", "product": "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.3" } ] }, { "defaultStatus": "unknown", "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.3" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.6 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.7 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.8 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V5.1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V5.1 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.6 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.7 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.8 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V5.1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V5.1 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GH150 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GH150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2 HF9" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GL150 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GL150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2 HF9" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GM150 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GM150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2 HF9" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.6 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.7 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.8 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V5.1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V5.1 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S210", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF8" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF33" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM120 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM120 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2 HF10" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET CP 343-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET CP 443-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SITOP Manager", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1" } ] }, { "defaultStatus": "unknown", "product": "SITOP PSU8600", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.5" } ] }, { "defaultStatus": "unknown", "product": "SITOP UPS1600 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3" } ] }, { "defaultStatus": "unknown", "product": "TIM 1531 IRC (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:03.049Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-6568", "datePublished": "2019-04-17T13:40:24", "dateReserved": "2019-01-22T00:00:00", "dateUpdated": "2024-08-04T20:23:22.207Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }