var-202304-0701
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0701", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic cp", "scope": "eq", "trust": 1.2, "vendor": "siemens", "version": "443-1\u003cv3.3" }, { "model": "simatic cp 1243-7 lte eu", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1542sp-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 443-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3" }, { "model": "siplus net cp 443-1 advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3" }, { "model": "siplus et 200sp cp 1543sp-1 isec", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic ipc diagbase", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus tim 1531 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.3.6" }, { "model": "siplus et 200sp cp 1542sp-1 irc tx rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic ipc diagmonitor", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "tim 1531 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.3.6" }, { "model": "siplus s7-1200 cp 1243-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1243-1 iec", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus net cp 1242-7 v2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus s7-1200 cp 1243-1 rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1243-7 lte us", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus net cp 443-1", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3" }, { "model": "simatic cp 1243-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1243-8 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1243-1 dnp3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1543sp-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "siplus et 200sp cp 1543sp-1 isec tx rail", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1542sp-1 irc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 443-1 advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3" }, { "model": "simatic cp 1242-7 v2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 443-1 advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic ipc diagmonitor", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-1 dnp3", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus net cp 1242-7 v2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1542sp-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-8 irc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-7 lte us", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus net cp 443-1 advanced", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1543sp-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus et 200sp cp 1543sp-1 isec", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 443-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1242-7 v2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-1 iec", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus net cp 443-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus et 200sp cp 1542sp-1 irc tx rail", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic ipc diagbase", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1542sp-1 irc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "siplus et 200sp cp 1543sp-1 isec tx rail", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-7 lte eu", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic ipc diagmonitor", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1242-7v2" }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "simatic cp lte eu", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-7" }, { "model": "simatic cp lte us", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-7" }, { "model": "simatic cp irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-8" }, { "model": "siplus net cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1242-7v2" }, { "model": "siplus s7-1200 cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "siplus s7-1200 cp rail", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "simatic cp advanced", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "443-1\u003cv3.3" }, { "model": "simatic cp dnp3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "simatic cp iec", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "simatic cp 1542sp-1", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 1542sp-1 irc", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp 1543sp-1", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic ipc diagbase", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "siplus et 200sp cp 1542sp-1 irc tx rail", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "siplus et 200sp cp 1543sp-1 isec", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "siplus et 200sp cp 1543sp-1 isec tx rail", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "siplus net cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "443-1\u003cv3.3" }, { "model": "siplus net cp advanced \u003cv3.3l", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "443-1" }, { "model": "siplus tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531\u003cv2.3.6" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531\u003cv2.3.6" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35759" }, { "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "db": "NVD", "id": "CVE-2022-43768" } ] }, "cve": "CVE-2022-43768", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2023-35759", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2022-43768", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2022-022095", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2022-43768", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2022-022095", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2023-35759", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202304-726", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35759" }, { "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "db": "CNNVD", "id": "CNNVD-202304-726" }, { "db": "NVD", "id": "CVE-2022-43768" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol", "sources": [ { "db": "NVD", "id": "CVE-2022-43768" }, { "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "db": "CNVD", "id": "CNVD-2023-35759" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-43768", "trust": 3.8 }, { "db": "SIEMENS", "id": "SSA-566905", "trust": 3.0 }, { "db": "SIEMENS", "id": "SSA-139628", "trust": 1.0 }, { "db": "ICS CERT", "id": "ICSA-23-103-10", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU94715153", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-022095", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2023-35759", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.2159", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202304-726", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35759" }, { "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "db": "CNNVD", "id": "CNNVD-202304-726" }, { "db": "NVD", "id": "CVE-2022-43768" } ] }, "id": "VAR-202304-0701", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2023-35759" } ], "trust": 1.3845387558333333 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35759" } ] }, "last_update_date": "2024-09-10T22:39:35.933000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Denial of Service Vulnerability in Several Siemens Products (CNVD-2023-35759)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/424651" }, { "title": "Siemens SIMATIC CP443-1 OPC UA9 Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=233079" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35759" }, { "db": "CNNVD", "id": "CNNVD-202304-726" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-770", "trust": 1.0 }, { "problemtype": "Allocation of resources without limits or throttling (CWE-770) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "db": "NVD", "id": "CVE-2022-43768" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu94715153/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43768" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-10" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-43768/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.2159" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35759" }, { "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "db": "CNNVD", "id": "CNNVD-202304-726" }, { "db": "NVD", "id": "CVE-2022-43768" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2023-35759" }, { "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "db": "CNNVD", "id": "CNNVD-202304-726" }, { "db": "NVD", "id": "CVE-2022-43768" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-05-10T00:00:00", "db": "CNVD", "id": "CNVD-2023-35759" }, { "date": "2023-11-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "date": "2023-04-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-726" }, { "date": "2023-04-11T10:15:17.617000", "db": "NVD", "id": "CVE-2022-43768" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-05-10T00:00:00", "db": "CNVD", "id": "CNVD-2023-35759" }, { "date": "2023-11-15T06:20:00", "db": "JVNDB", "id": "JVNDB-2022-022095" }, { "date": "2023-05-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-726" }, { "date": "2024-09-10T10:15:05.020000", "db": "NVD", "id": "CVE-2022-43768" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-726" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerability in limiting or non-slotting resource allocation in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-022095" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-726" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.