Vulnerabilites related to Siemens - SIMATIC WinCC Runtime Professional V16
cve-2023-46280
Vulnerability from cvelistv5
Published
2024-05-14 10:01
Modified
2024-12-10 13:53
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions < V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions < V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-46280", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-29T14:20:28.448026Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:22:08.819Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T20:37:40.324Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-962515.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Security Configuration Tool (SCT)", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Automation Tool", vendor: "Siemens", versions: [ { lessThan: "V5.0 SP2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 Upd5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { lessThan: "V16 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V17", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V18", vendor: "Siemens", versions: [ { lessThan: "V18 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 UC05", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PDM V9.2", vendor: "Siemens", versions: [ { lessThan: "V9.2 SP2 Upd3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 Upd3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-PCT", vendor: "Siemens", versions: [ { lessThan: "V3.5 SP3 Update 6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC STEP 7 V5", vendor: "Siemens", versions: [ { lessThan: "V5.7 SP3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.17", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.18", vendor: "Siemens", versions: [ { lessThan: "V3.18 P025", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.19", vendor: "Siemens", versions: [ { lessThan: "V3.19 P010", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { lessThan: "V17 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V16", vendor: "Siemens", versions: [ { lessThan: "V16 Update 6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V17", vendor: "Siemens", versions: [ { lessThan: "V17 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { lessThan: "V7.5 SP2 Update 17", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V8.0", vendor: "Siemens", versions: [ { lessThan: "V8.0 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINAMICS Startdrive", vendor: "Siemens", versions: [ { lessThan: "V19 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINEC NMS", vendor: "Siemens", versions: [ { lessThan: "V3.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINEC NMS", vendor: "Siemens", versions: [ { lessThan: "V3.0 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK ONE virtual", vendor: "Siemens", versions: [ { lessThan: "V6.23", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK PLC Programming Tool", vendor: "Siemens", versions: [ { lessThan: "V3.3.12", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TIA Portal Cloud Connector", vendor: "Siemens", versions: [ { lessThan: "V2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V15.1", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V16", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V17", vendor: "Siemens", versions: [ { lessThan: "V17 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions < V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions < V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T13:53:28.579Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-962515.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-784301.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-331112.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-46280", datePublished: "2024-05-14T10:01:52.069Z", dateReserved: "2023-10-20T08:02:52.794Z", dateUpdated: "2024-12-10T13:53:28.579Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-28831
Vulnerability from cvelistv5
Published
2023-09-12 09:32
Modified
2025-01-14 10:27
Severity ?
EPSS score ?
Summary
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC BRAUMAT |
Version: 0 < V8.1 SP1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T13:51:38.545Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-711309.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-118850.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC BRAUMAT", vendor: "Siemens", versions: [ { lessThan: "V8.1 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Cloud Connect 7 CC712", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Cloud Connect 7 CC716", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Comfort/Mobile RT", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Drive Controller CPU 1504D TF", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Drive Controller CPU 1504D TF", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "V3.0.1", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Drive Controller CPU 1507D TF", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Drive Controller CPU 1507D TF", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "V3.0.1", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V21.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V30.1.0", status: "affected", version: "V30.0.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagMonitor", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { lessThan: "V16 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V17", vendor: "Siemens", versions: [ { lessThan: "V17 SP1 Update 1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS neo V4.0", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1510SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1510SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1510SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1510SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511C-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511C-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511T-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511T-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511TF-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511TF-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512C-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512C-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1514SP F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1514SP-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1514SPT F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1514SPT-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515T-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515T-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515TF-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515TF-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516T-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516TF-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1517-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1517F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1517T-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1517TF-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518F-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518T-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518TF-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 Software Controller V2", vendor: "Siemens", versions: [ { lessThan: "V21.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 Software Controller V3", vendor: "Siemens", versions: [ { lessThan: "V30.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-PLCSIM Advanced", vendor: "Siemens", versions: [ { lessThan: "V5.0 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC SISTAR", vendor: "Siemens", versions: [ { lessThan: "V8.1 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.17", vendor: "Siemens", versions: [ { lessThan: "V3.17 P029", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.18", vendor: "Siemens", versions: [ { lessThan: "V3.18 P019", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.19", vendor: "Siemens", versions: [ { lessThan: "V3.19 P005", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OPC UA Client", vendor: "Siemens", versions: [ { lessThan: "V2.0.0.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V16", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V17", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V18", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Unified OPC UA Server", vendor: "Siemens", versions: [ { lessThan: "V5.0.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V8.0", vendor: "Siemens", versions: [ { lessThan: "V8.0 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK MC", vendor: "Siemens", versions: [ { lessThan: "V1.22", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK ONE", vendor: "Siemens", versions: [ { lessThan: "V6.22", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1515F-2 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1518-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1518F-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.\r\n\r\nThis could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T10:27:15.947Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-711309.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-118850.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-28831", datePublished: "2023-09-12T09:32:06.153Z", dateReserved: "2023-03-24T15:17:33.934Z", dateUpdated: "2025-01-14T10:27:15.947Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7580
Vulnerability from cvelistv5
Published
2020-06-10 00:00
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Automation Tool |
Version: All versions < V4 SP2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.492Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { tags: [ "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC Automation Tool", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4 SP2", }, ], }, { product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 14", }, ], }, { product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Upd3", }, ], }, { product: "SIMATIC PCS neo", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0 SP1", }, ], }, { product: "SIMATIC ProSave", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17", }, ], }, { product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V21.8", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V13", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13 SP2 Update 4", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 10", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC STEP 7 V5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SIMATIC WinCC OA V3.16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.16 P018", }, ], }, { product: "SIMATIC WinCC OA V3.17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.17 P003", }, ], }, { product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC WinCC Runtime Professional V13", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13 SP2 Update 4", }, ], }, { product: "SIMATIC WinCC Runtime Professional V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 10", }, ], }, { product: "SIMATIC WinCC Runtime Professional V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC WinCC Runtime Professional V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 14", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP1 Update 3", }, ], }, { product: "SINAMICS STARTER", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.4 HF2", }, ], }, { product: "SINAMICS Startdrive", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V16 Update 3", }, ], }, { product: "SINEC NMS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2", }, ], }, { product: "SINEMA Server", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP3", }, ], }, { product: "SINUMERIK ONE virtual", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.14", }, ], }, { product: "SINUMERIK Operate", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.14", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-428", description: "CWE-428: Unquoted Search Path or Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7580", datePublished: "2020-06-10T00:00:00", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }