Vulnerabilities related to Siemens - SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)
cve-2023-28827
Vulnerability from cvelistv5
Published
2024-09-10 09:33
Modified
2024-09-10 15:11
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices does not properly handle certain requests, causing a timeout in the watchdog, which could lead to the clean up of pointers.
This could allow a remote attacker to cause a denial of service condition in the system.
References
Impacted products
Vendor | Product | Version |
---|---|---|
Siemens | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) | Version: 0 < V3.5.20 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-28827", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:10:54.020229Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:11:03.085Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI Comfort Panels (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagBase", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagMonitor", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.4.8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.4.8", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices do not properly handle certain requests, causing a timeout in the watchdog, which could lead to the clean up of pointers. 
\r\n\r\nThis could allow a remote attacker to cause a denial of service condition in the system.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:37.794Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-423808.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-28827", datePublished: "2024-09-10T09:33:37.794Z", dateReserved: "2023-03-24T15:17:29.557Z", dateUpdated: "2024-09-10T15:11:03.085Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-2680
Vulnerability from cvelistv5
Published
2017-05-11 01:00
Modified
2024-09-10 09:33
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
References
URL | Tags |
---|---|
http://www.securitytracker.com/id/1038463 | vdb-entry, x_refsource_SECTRACK |
http://www.securityfocus.com/bid/98369 | vdb-entry, x_refsource_BID |
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf | x_refsource_CONFIRM |
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02 | x_refsource_MISC |
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf | x_refsource_CONFIRM |
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf | x_refsource_CONFIRM |
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf | x_refsource_MISC |
https://cert-portal.siemens.com/productcert/html/ssa-293562.html | |
https://cert-portal.siemens.com/productcert/html/ssa-284673.html | |
https://cert-portal.siemens.com/productcert/html/ssa-546832.html | |
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2017-2680", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-09T13:26:04.237652Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-09T13:26:15.327Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T14:02:07.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1038463", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038463", }, { name: "98369", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98369", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-293562.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-284673.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-546832.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet 
Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.1 Patch04", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.2.1 Patch03", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4.0 Patch01", }, ], }, { defaultStatus: "unknown", product: "Extension Unit 12\" PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V01.01.01", }, ], }, { defaultStatus: "unknown", product: "Extension Unit 15\" PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V01.01.01", }, ], }, { defaultStatus: "unknown", product: "Extension Unit 19\" PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V01.01.01", }, ], }, { defaultStatus: "unknown", product: "Extension Unit 22\" PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V01.01.01", }, ], }, { defaultStatus: "unknown", product: "IE/AS-i Link PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "IE/PB-Link (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.03", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W-700 IEEE 802.11n family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-200 family (incl. 
SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-200IRT family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X414", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.10.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM-400 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR-500 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542SP-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE US", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1626", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.17", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.17", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 OPC UA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC DK-16xx PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200AL IM 157-1 PN", vendor: "Siemens", versions: [ { lessThan: "V1.0.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200M (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN BA", vendor: "Siemens", versions: [ { lessThan: "V4.0.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-3 PN HF", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-4 PN HF", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN BA", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN HS", vendor: "Siemens", versions: [ { lessThan: "V4.0.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, 
], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 4AO U/I 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: 
"All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN: IO-Link Master", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200S (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 HR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 SR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 UR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PN/PN Coupler (incl. 
SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF650R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF680R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF685R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-200 SMART", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.X.14", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V6.0.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 PN/DP V6 CPU family (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V6.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V7.0.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-410 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.2", }, ], }, { defaultStatus: "unknown", product: "SIMATIC TDC CP51M1", vendor: "Siemens", versions: [ { lessThan: "V1.1.8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC TDC CPU555", vendor: "Siemens", versions: [ { lessThan: "V1.1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Basic", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Standard", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinAC RTX 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2010 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinAC RTX F 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2010 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V PROFINET (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0.0", }, ], }, { defaultStatus: "unknown", product: "SIMOTION", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 HF1", }, ], }, { defaultStatus: "unknown", product: "SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4 HF26", }, ], }, { defaultStatus: "unknown", product: "SINAMICS DCM w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.4 SP1 HF5", }, ], }, { defaultStatus: "unknown", product: "SINAMICS DCP w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.2 HF1", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G110M w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP6 HF3", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP6 HF3", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "V4.7: All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GH150 V4.7 w. 
PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP5 HF7", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GL150 V4.7 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GM150 V4.7 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF31", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S110 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4 SP3 HF5", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SL150 V4.7.0 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF30", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SL150 V4.7.4 w. 
PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SL150 V4.7.5 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SM120 V4.7 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2", }, ], }, { defaultStatus: "unknown", product: "SINAMICS V90 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.01", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 828D V4.5 and prior", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 SP6 HF2", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 828D V4.7", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP4 HF1", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 840D sl V4.5 and prior", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 SP6 HF2", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 840D sl V4.7", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP4 HF1", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: 
"affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIRIUS ACT 3SU1 interface module PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.0", }, ], }, { defaultStatus: "unknown", product: "SIRIUS Motor Starter M200D PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: 
"SIRIUS Soft Starter 3RW44 PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SITOP PSU8600 PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.2.0", }, ], }, { defaultStatus: "unknown", product: "SITOP UPS1600 PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.2.0", }, ], }, { defaultStatus: "unknown", product: "Softnet PROFINET IO for PC-based Windows systems", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1", }, ], }, ], descriptions: [ { lang: "en", value: "Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:18.492Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { name: "1038463", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038463", }, { name: "98369", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98369", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02", }, { tags: [ 
"x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-293562.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-284673.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-546832.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2017-2680", datePublished: "2017-05-11T01:00:00", dateReserved: "2016-12-01T00:00:00", dateUpdated: "2024-09-10T09:33:18.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30756
Vulnerability from cvelistv5
Published
2024-09-10 09:33
Modified
2024-09-10 15:10
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices does not properly handle certain errors when using the Expect HTTP request header, resulting in NULL dereference.
This could allow a remote attacker with no privileges to cause a denial of service condition in the system.
References
Impacted products
Vendor | Product | Version
---|---|---
Siemens | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) | 0 < V3.5.20
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-30756", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:09:52.396615Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:10:00.273Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI Comfort Panels (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagBase", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagMonitor", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.4.8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.4.8", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). 
The web server of the affected devices do not properly handle certain errors when using the Expect HTTP request header, resulting in NULL dereference.\r\n\r\nThis could allow a remote attacker with no privileges to cause a denial of service condition in the system.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:40.640Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-423808.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-30756", datePublished: "2024-09-10T09:33:40.640Z", dateReserved: "2023-04-14T11:16:56.497Z", dateUpdated: "2024-09-10T15:10:00.273Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30755
Vulnerability from cvelistv5
Published
2024-09-10 09:33
Modified
2024-09-10 15:10
Severity
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
5.9 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices does not properly handle the shutdown or reboot request, which could lead to the cleanup of certain resources.
This could allow a remote attacker with elevated privileges to cause a denial of service condition in the system.
References
Impacted products
Vendor | Product | Version
---|---|---
Siemens | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) | 0 < V3.5.20
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-30755", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:10:26.969445Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:10:35.515Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { lessThan: "V3.5.20", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI Comfort Panels (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagBase", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagMonitor", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.4.8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.4.8", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices do not properly handle the shutdown or reboot request, which could lead to the clean up of certain resources. 
\r\n\r\nThis could allow a remote attacker with elevated privileges to cause a denial of service condition in the system.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:39.215Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-423808.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-30755", datePublished: "2024-09-10T09:33:39.215Z", dateReserved: "2023-04-14T11:16:56.497Z", dateUpdated: "2024-09-10T15:10:35.515Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38380
Vulnerability from cvelistv5
Published
2023-12-12 11:26
Modified
2024-08-02 17:39
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.
An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.
References
Impacted products
Vendor | Product | Version
---|---|---
Siemens | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) | 0 < V3.4.29
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:39:13.213Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-693975.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-625862.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. 
SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543-1", vendor: "Siemens", versions: [ { lessThan: "V3.0.37", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543SP-1", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S210 (6SL5...)", vendor: "Siemens", versions: [ { lessThan: "V6.1 HF2", status: "affected", version: "V6.1", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1543SP-1 ISEC", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { 
defaultStatus: "unknown", product: "SIPLUS NET CP 1543-1", vendor: "Siemens", versions: [ { lessThan: "V3.0.37", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). 
The webserver implementation of the affected products does not correctly release allocated memory after it has been used.\r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-401", description: "CWE-401: Missing Release of Memory after Effective Lifetime", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-11T14:19:50.234Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-693975.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-625862.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38380", datePublished: "2023-12-12T11:26:36.173Z", dateReserved: "2023-07-17T13:06:36.758Z", dateUpdated: "2024-08-02T17:39:13.213Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }