Vulnerabilites related to Siemens - SIMATIC MV550 H
var-202307-0657
Vulnerability from variot
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted IP packets sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually. simatic mv540 h firmware, simatic mv540 s firmware, simatic mv550 h Multiple Siemens products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC MV500 products are fixed optical readers for capturing printed, laser, drilled, punched and dot-dash codes on a variety of different surfaces
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202307-0657", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "simatic mv560 u", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 s", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv560 x", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv540 h", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv540 s", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 h", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 h", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 h", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv550 s", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv560 u", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv560 x", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 s", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 h", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv540 s", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv550 h", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv550 s", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv560 u", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv560", scope: "eq", trust: 0.6, vendor: "siemens", version: "x<v3.3.4", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56542", }, { db: "JVNDB", id: "JVNDB-2023-021766", }, { db: "NVD", id: "CVE-2023-35920", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-35920", }, ], }, cve: "CVE-2023-35920", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2023-56542", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2023-35920", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2023-35920", trust: 1.8, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2023-35920", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2023-56542", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202307-745", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56542", }, { db: "JVNDB", id: "JVNDB-2023-021766", }, { db: "CNNVD", id: "CNNVD-202307-745", }, { db: "NVD", id: "CVE-2023-35920", }, { db: "NVD", id: "CVE-2023-35920", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted IP packets sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually. simatic mv540 h firmware, simatic mv540 s firmware, simatic mv550 h Multiple Siemens products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC MV500 products are fixed optical readers for capturing printed, laser, drilled, punched and dot-dash codes on a variety of different surfaces", sources: [ { db: "NVD", id: "CVE-2023-35920", }, { db: "JVNDB", id: "JVNDB-2023-021766", }, { db: "CNVD", id: "CNVD-2023-56542", }, { db: "VULMON", id: "CVE-2023-35920", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-35920", trust: 3.9, }, { db: "SIEMENS", id: "SSA-561322", trust: 3.1, }, { db: "JVN", id: "JVNVU95292697", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2023-021766", trust: 0.8, }, { db: "CNVD", id: "CNVD-2023-56542", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202307-745", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-35920", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56542", }, { db: "VULMON", id: "CVE-2023-35920", }, { db: "JVNDB", id: "JVNDB-2023-021766", }, { db: "CNNVD", id: "CNNVD-202307-745", }, { db: "NVD", id: "CVE-2023-35920", }, ], }, id: "VAR-202307-0657", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2023-56542", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56542", }, ], }, last_update_date: "2024-01-21T19:51:48.568000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens SIMATIC MV500 Devices resource consumption out of control vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/443076", }, { title: "Siemens SIMATIC Multiple products Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=246826", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56542", }, { db: "CNNVD", id: "CNNVD-202307-745", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "Lack of information (CWE-noinfo) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-021766", }, { db: "NVD", id: "CVE-2023-35920", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu95292697/", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-35920", }, { trust: 0.6, url: "https://cert-portal.siemens.com/productcert/html/ssa-561322.html", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-35920/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56542", }, { db: "VULMON", id: "CVE-2023-35920", }, { db: "JVNDB", id: "JVNDB-2023-021766", }, { db: "CNNVD", id: "CNNVD-202307-745", }, { db: "NVD", id: "CVE-2023-35920", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2023-56542", }, { db: "VULMON", id: "CVE-2023-35920", }, { db: "JVNDB", id: "JVNDB-2023-021766", }, { db: "CNNVD", id: "CNNVD-202307-745", }, { db: "NVD", id: "CVE-2023-35920", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-07-17T00:00:00", db: "CNVD", id: "CNVD-2023-56542", }, { date: "2023-07-11T00:00:00", db: "VULMON", id: "CVE-2023-35920", }, { date: "2024-01-19T00:00:00", db: "JVNDB", id: "JVNDB-2023-021766", }, { date: "2023-07-11T00:00:00", db: "CNNVD", id: "CNNVD-202307-745", }, { date: "2023-07-11T10:15:10.543000", db: "NVD", id: "CVE-2023-35920", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-07-17T00:00:00", db: "CNVD", id: "CNVD-2023-56542", }, { date: "2023-07-11T00:00:00", db: "VULMON", id: "CVE-2023-35920", }, { date: "2024-01-19T08:08:00", db: "JVNDB", id: "JVNDB-2023-021766", }, { date: "2023-07-20T00:00:00", db: "CNNVD", id: "CNNVD-202307-745", }, { date: "2023-07-19T14:58:06.770000", db: "NVD", id: "CVE-2023-35920", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202307-745", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Vulnerabilities in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2023-021766", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202307-745", }, ], trust: 0.6, }, }
var-202307-0656
Vulnerability from variot
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually. simatic mv540 h firmware, simatic mv540 s firmware, simatic mv550 h Multiple Siemens products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC MV500 products are fixed mount optical readers for capturing printed, laser, drilled, punched and dot-dash codes on a variety of different surfaces
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202307-0656", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "simatic mv560 u", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 s", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv560 x", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv540 h", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv540 s", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 h", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 h", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 h", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv550 s", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv560 u", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv560 x", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 s", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 h", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv540 s", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv550 h", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv550 s", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv560 u", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv560", scope: "eq", trust: 0.6, vendor: "siemens", version: "x<v3.3.4", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56541", }, { db: "JVNDB", id: "JVNDB-2023-021765", }, { db: "NVD", id: "CVE-2023-35921", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-35921", }, ], }, cve: "CVE-2023-35921", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2023-56541", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2023-35921", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2023-35921", trust: 1.8, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2023-35921", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2023-56541", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202307-744", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56541", }, { db: "JVNDB", id: "JVNDB-2023-021765", }, { db: "CNNVD", id: "CNNVD-202307-744", }, { db: "NVD", id: "CVE-2023-35921", }, { db: "NVD", id: "CVE-2023-35921", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually. simatic mv540 h firmware, simatic mv540 s firmware, simatic mv550 h Multiple Siemens products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC MV500 products are fixed mount optical readers for capturing printed, laser, drilled, punched and dot-dash codes on a variety of different surfaces", sources: [ { db: "NVD", id: "CVE-2023-35921", }, { db: "JVNDB", id: "JVNDB-2023-021765", }, { db: "CNVD", id: "CNVD-2023-56541", }, { db: "VULMON", id: "CVE-2023-35921", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-35921", trust: 3.9, }, { db: "SIEMENS", id: "SSA-561322", trust: 3.1, }, { db: "JVN", id: "JVNVU95292697", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2023-021765", trust: 0.8, }, { db: "CNVD", id: "CNVD-2023-56541", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202307-744", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-35921", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56541", }, { db: "VULMON", id: "CVE-2023-35921", }, { db: "JVNDB", id: "JVNDB-2023-021765", }, { db: "CNNVD", id: "CNNVD-202307-744", }, { db: "NVD", id: "CVE-2023-35921", }, ], }, id: "VAR-202307-0656", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2023-56541", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56541", }, ], }, last_update_date: "2024-01-21T22:14:22.718000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens SIMATIC MV500 Devices Uncontrolled Resource Consumption Vulnerability (CNVD-2023-56541)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/443071", }, { title: "Siemens SIMATIC Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=246825", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56541", }, { db: "CNNVD", id: "CNNVD-202307-744", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "Lack of information (CWE-noinfo) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-021765", }, { db: "NVD", id: "CVE-2023-35921", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu95292697/", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-35921", }, { trust: 0.6, url: "https://cert-portal.siemens.com/productcert/html/ssa-561322.html", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-35921/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56541", }, { db: "VULMON", id: "CVE-2023-35921", }, { db: "JVNDB", id: "JVNDB-2023-021765", }, { db: "CNNVD", id: "CNNVD-202307-744", }, { db: "NVD", id: "CVE-2023-35921", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2023-56541", }, { db: "VULMON", id: "CVE-2023-35921", }, { db: "JVNDB", id: "JVNDB-2023-021765", }, { db: "CNNVD", id: "CNNVD-202307-744", }, { db: "NVD", id: "CVE-2023-35921", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-07-17T00:00:00", db: "CNVD", id: "CNVD-2023-56541", }, { date: "2023-07-11T00:00:00", db: "VULMON", id: "CVE-2023-35921", }, { date: "2024-01-19T00:00:00", db: "JVNDB", id: "JVNDB-2023-021765", }, { date: "2023-07-11T00:00:00", db: "CNNVD", id: "CNNVD-202307-744", }, { date: "2023-07-11T10:15:10.610000", db: "NVD", id: "CVE-2023-35921", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-07-17T00:00:00", db: "CNVD", id: "CNVD-2023-56541", }, { date: "2023-07-11T00:00:00", db: "VULMON", id: "CVE-2023-35921", }, { date: "2024-01-19T08:08:00", db: "JVNDB", id: "JVNDB-2023-021765", }, { date: "2023-07-20T00:00:00", db: "CNNVD", id: "CNNVD-202307-744", }, { date: "2023-07-19T15:21:30.293000", db: "NVD", id: "CVE-2023-35921", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202307-744", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Vulnerabilities in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2023-021765", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202307-744", }, ], trust: 0.6, }, }
var-202307-0655
Vulnerability from variot
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). The result synchronization server of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of all socket-based communication of the affected products if the result server is enabled. simatic mv540 h firmware, simatic mv540 s firmware, simatic mv550 h Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. The SIMATIC MV500 products are fixed mount optical readers for capturing printed, laser, drilled, punched and dot-dash codes on a variety of different surfaces
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202307-0655", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "simatic mv560 u", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 s", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv560 x", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv540 h", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv540 s", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 h", scope: "lt", trust: 1, vendor: "siemens", version: "3.3.4", }, { model: "simatic mv550 h", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 h", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv550 s", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv560 u", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv560 x", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 s", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv540 h", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv540 s", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv550 h", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv550 s", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv560 u", scope: "lt", trust: 0.6, vendor: "siemens", version: "v3.3.4", }, { model: "simatic mv560", scope: "eq", trust: 0.6, vendor: "siemens", version: "x<v3.3.4", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56540", }, { db: "JVNDB", id: "JVNDB-2023-021743", }, { db: "NVD", id: "CVE-2023-36521", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2023-36521", }, ], }, cve: "CVE-2023-36521", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2023-56540", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "productcert@siemens.com", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2023-36521", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2023-36521", trust: 1.8, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2023-36521", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2023-56540", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202307-740", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56540", }, { db: "JVNDB", id: "JVNDB-2023-021743", }, { db: "CNNVD", id: "CNNVD-202307-740", }, { db: "NVD", id: "CVE-2023-36521", }, { db: "NVD", id: "CVE-2023-36521", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). The result synchronization server of the affected products contains a\r\nvulnerability that may lead to a denial of service condition. An attacker may\r\ncause a denial of service situation of all socket-based communication of the\r\naffected products if the result server is enabled. simatic mv540 h firmware, simatic mv540 s firmware, simatic mv550 h Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. The SIMATIC MV500 products are fixed mount optical readers for capturing printed, laser, drilled, punched and dot-dash codes on a variety of different surfaces", sources: [ { db: "NVD", id: "CVE-2023-36521", }, { db: "JVNDB", id: "JVNDB-2023-021743", }, { db: "CNVD", id: "CNVD-2023-56540", }, { db: "VULMON", id: "CVE-2023-36521", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-36521", trust: 3.9, }, { db: "SIEMENS", id: "SSA-561322", trust: 3.1, }, { db: "JVN", id: "JVNVU95292697", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2023-021743", trust: 0.8, }, { db: "CNVD", id: "CNVD-2023-56540", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202307-740", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-36521", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56540", }, { db: "VULMON", id: "CVE-2023-36521", }, { db: "JVNDB", id: "JVNDB-2023-021743", }, { db: "CNNVD", id: "CNNVD-202307-740", }, { db: "NVD", id: "CVE-2023-36521", }, ], }, id: "VAR-202307-0655", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2023-56540", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56540", }, ], }, last_update_date: "2024-01-21T19:23:05.386000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens SIMATIC MV500 Devices Uncontrolled Resource Consumption Vulnerability (CNVD-2023-56540)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/443066", }, { title: "Siemens SIMATIC Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=246824", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56540", }, { db: "CNNVD", id: "CNNVD-202307-740", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-770", trust: 1, }, { problemtype: "Allocation of resources without limits or throttling (CWE-770) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-021743", }, { db: "NVD", id: "CVE-2023-36521", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu95292697/", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-36521", }, { trust: 0.6, url: "https://cert-portal.siemens.com/productcert/html/ssa-561322.html", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-36521/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2023-56540", }, { db: "VULMON", id: "CVE-2023-36521", }, { db: "JVNDB", id: "JVNDB-2023-021743", }, { db: "CNNVD", id: "CNNVD-202307-740", }, { db: "NVD", id: "CVE-2023-36521", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2023-56540", }, { db: "VULMON", id: "CVE-2023-36521", }, { db: "JVNDB", id: "JVNDB-2023-021743", }, { db: "CNNVD", id: "CNNVD-202307-740", }, { db: "NVD", id: "CVE-2023-36521", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-07-17T00:00:00", db: "CNVD", id: "CNVD-2023-56540", }, { date: "2023-07-11T00:00:00", db: "VULMON", id: "CVE-2023-36521", }, { date: "2024-01-19T00:00:00", db: "JVNDB", id: "JVNDB-2023-021743", }, { date: "2023-07-11T00:00:00", db: "CNNVD", id: "CNNVD-202307-740", }, { date: "2023-07-11T10:15:10.897000", db: "NVD", id: "CVE-2023-36521", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-07-17T00:00:00", db: "CNVD", id: "CNVD-2023-56540", }, { date: "2023-07-11T00:00:00", db: "VULMON", id: "CVE-2023-36521", }, { date: "2024-01-19T08:07:00", db: "JVNDB", id: "JVNDB-2023-021743", }, { date: "2023-07-20T00:00:00", db: "CNNVD", id: "CNNVD-202307-740", }, { date: "2023-07-19T15:21:04.790000", db: "NVD", id: "CVE-2023-36521", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202307-740", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Vulnerability in limiting or non-slotting resource allocation in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2023-021743", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202307-740", }, ], trust: 0.6, }, }
cve-2023-35921
Vulnerability from cvelistv5
Published
2023-07-11 09:07
Modified
2024-11-13 14:28
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC MV540 H |
Version: All versions < V3.3.4 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:37:40.422Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "simatic_mv540_h", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "simatic_mv540_s", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "simatic_mv550_h", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv550_s", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "simatic_mv560_u", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "simatic_mv560_x", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-35921", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T14:25:45.446014Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T14:28:33.242Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-11T09:07:09.314Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-35921", datePublished: "2023-07-11T09:07:09.314Z", dateReserved: "2023-06-20T10:46:34.162Z", dateUpdated: "2024-11-13T14:28:33.242Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28400
Vulnerability from cvelistv5
Published
2021-07-13 11:02
Modified
2024-12-10 13:53
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_b", vendor: "seimens", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controller:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controller", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_ek_ertec_200:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_ek_ertec_200", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:development_evaluation_kits_for_profinet_io_ek_ertec_200p:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "development_evaluation_kits_for_profinet_io_ek_ertec_200p", vendor: "siemens", versions: [ { lessThan: "v4.7", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:ruggedcom_rm1224:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ruggedcom_rm1224", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m804pb", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_a:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_a", vendor: "seimens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:seimens:scalance_m812-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m812-1_adsl-router_annex_b", vendor: "seimens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m816_1_adsl_router_annex_a:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m816_1_adsl_router_annex_a", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m816-1_adsl-router_annex_b:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m816-1_adsl-router_annex_b", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m826-2_shdsl-router:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m826-2_shdsl-router", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_m874_2:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_m874_2", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_m874_3:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_m874_3", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_3_evdo:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_3_evdo", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_3_rok:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_3_rok", vendor: "siemens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_4_eu:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_4_eu", vendor: "siemens", versions: [ { lessThan: "6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_m876_4_nam:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_m876_4_nam", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_s615", vendor: "siemens", versions: [ { lessThan: "v6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w700_ieee_802.11n_family:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w700_ieee_802.11n_family", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1748_1_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1748_1_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_1_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_1_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2_eec_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2_eec_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_w1788_2ia_m12:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_w1788_2ia_m12", vendor: "siemens", versions: [ { lessThan: "v3.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x200_4p_irt:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x200_4p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x201_3p_irt:0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x201_3p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalance_x201_3p_irt_pro:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalance_x201_3p_irt_pro", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalancce_x202_2p_irt:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalancce_x202_2p_irt", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_202_2p_irt_pro:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_202_2p_irt_pro", vendor: "siemens", versions: [ { lessThan: "v5.5.0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalancce_x204_2:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalancce_x204_2", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2fm:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2fm", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ld:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ld", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ld_ts:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ld_ts", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:scalence_x204_2ts:0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "scalence_x204_2ts", vendor: "siemens", versions: [ { lessThan: "v5.25", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2020-28400", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-13T18:59:11.953107Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-24T18:07:44.485Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-04T16:33:59.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) EU", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 LTE(4G) NAM", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3 3G-Router (CN)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (A1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (B1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM853-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (A1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (B1)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (CN)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (EU)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE MUM856-1 (RoW)", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 EEC LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 LAN-Router", vendor: "Siemens", versions: [ { lessThan: "V6.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 EEC M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W1788-2IA M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W721-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W722-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W734-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W738-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W748-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W761-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W774-1 RJ45 (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W778-1 M12 EEC (USA)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2 SFP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W786-2IA RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-1 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 M12 EEC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W788-2 RJ45", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X200-4P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2FM", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD TS", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2TS", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208PRO", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2LD", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X216", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X224", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3 (ST, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB205-3LD (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB208 (PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3 (ST, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB213-3LD (SC, PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (E/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB216 (PN)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (SC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2 (ST/BFOC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2G PoE EEC (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G (EIP DEF.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC206-2SFP G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G (EIP def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC208G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-3G PoE (54 V DC)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G (EIP Def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216-4C G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC216EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G (EIP Def.)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC224-4C G EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204 DNA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA DNA", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.5.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF206-1", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF208", vendor: "Siemens", versions: [ { lessThan: "V5.2.5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-4C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM408-8C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM416-4C (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208 (Ethernet/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP208PoE EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216 (Ethernet/IP)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP216POE EEC", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 x FE, AC 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324WG (24 X FE, DC 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR326-2C PoE WG (without UL)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, AC 230V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR328-4C WG (28xGE, DC 24V)", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR524-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 1x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 24V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR526-8C, 2x230V (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR528-6M (L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2, L3 int.)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR552-12M (2HR2)", vendor: "Siemens", versions: [ { lessThan: "V6.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CFU DIQ", vendor: "Siemens", versions: [ { lessThan: "V2.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CFU PA", vendor: "Siemens", versions: [ { lessThan: "V2.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1626", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IE/PB-LINK", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET DK-16xx PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions >= V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Power Line Booster PLB, Base Module", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PROFINET Driver", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.3", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { lessThan: "V4.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC206-2SFP", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC208", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE XC216-4C", vendor: "Siemens", versions: [ { lessThan: "V4.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SOFTNET-IE PNIO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T13:53:22.763Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-599968.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-28400", datePublished: "2021-07-13T11:02:49", dateReserved: "2020-11-10T00:00:00", dateUpdated: "2024-12-10T13:53:22.763Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36521
Vulnerability from cvelistv5
Published
2023-07-11 09:07
Modified
2024-11-21 14:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). The result synchronization server of the affected products contains a
vulnerability that may lead to a denial of service condition. An attacker may
cause a denial of service situation of all socket-based communication of the
affected products if the result server is enabled.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC MV540 H |
Version: All versions < V3.3.4 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:52:52.404Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv540_h", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv540_s", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv550_h", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv550_s", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv560_u", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv560_x", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-36521", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T14:06:23.456400Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T14:09:57.839Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). The result synchronization server of the affected products contains a\r\nvulnerability that may lead to a denial of service condition. An attacker may\r\ncause a denial of service situation of all socket-based communication of the\r\naffected products if the result server is enabled.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-11T09:07:13.637Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-36521", datePublished: "2023-07-11T09:07:13.637Z", dateReserved: "2023-06-22T12:37:24.976Z", dateUpdated: "2024-11-21T14:09:57.839Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-33138
Vulnerability from cvelistv5
Published
2022-07-12 10:06
Modified
2024-08-03 08:01
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC MV540 H |
Version: All versions < V3.3 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T08:01:19.531Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306: Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-12T10:06:46", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-33138", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC MV540 H", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV540 S", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV550 H", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV550 S", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV560 U", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV560 X", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-306: Missing Authentication for Critical Function", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-33138", datePublished: "2022-07-12T10:06:46", dateReserved: "2022-06-13T00:00:00", dateUpdated: "2024-08-03T08:01:19.531Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-35920
Vulnerability from cvelistv5
Published
2023-07-11 09:07
Modified
2024-11-12 16:53
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted IP packets sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC MV540 H |
Version: All versions < V3.3.4 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:37:40.466Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv540_h", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv540_s", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv550_h", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv550_s", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv560_u", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_mv560_x", vendor: "siemens", versions: [ { lessThan: "V3.3.4", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-35920", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T16:50:03.984084Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T16:53:53.862Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted IP packets sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-11T09:07:08.275Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-35920", datePublished: "2023-07-11T09:07:08.275Z", dateReserved: "2023-06-20T10:46:34.162Z", dateUpdated: "2024-11-12T16:53:53.862Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-33137
Vulnerability from cvelistv5
Published
2022-07-12 10:06
Modified
2024-08-03 08:01
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users' sessions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC MV540 H |
Version: All versions < V3.3 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T08:01:19.904Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC MV540 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV540 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV550 H", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV550 S", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV560 U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "SIMATIC MV560 X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users' sessions.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-613", description: "CWE-613: Insufficient Session Expiration", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-12T10:06:44", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-33137", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC MV540 H", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV540 S", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV550 H", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV550 S", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV560 U", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "SIMATIC MV560 X", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users' sessions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-613: Insufficient Session Expiration", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-33137", datePublished: "2022-07-12T10:06:44", dateReserved: "2022-06-13T00:00:00", dateUpdated: "2024-08-03T08:01:19.904Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }