Vulnerabilites related to Siemens - SIMATIC WinCC Runtime Professional V17
cve-2023-50821
Vulnerability from cvelistv5
Published
2024-04-09 08:34
Modified
2025-02-26 18:41
Severity ?
6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
6.9 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V9.1 |
Version: 0 < V9.1 SP2 UC04 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T22:23:44.213Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-730482.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-50821", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-12T13:48:36.486525Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-26T18:41:29.599Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 UC04", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V17", vendor: "Siemens", versions: [ { lessThan: "V17 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { lessThan: "V7.5 SP2 Update 16", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V8.0", vendor: "Siemens", versions: [ { lessThan: "V8.0 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 6.9, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T10:29:58.380Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-730482.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-50821", datePublished: "2024-04-09T08:34:35.452Z", dateReserved: "2023-12-14T15:44:45.770Z", dateUpdated: "2025-02-26T18:41:29.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-46280
Vulnerability from cvelistv5
Published
2024-05-14 10:01
Modified
2024-12-10 13:53
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions < V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions < V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-46280", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-29T14:20:28.448026Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:22:08.819Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T20:37:40.324Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-962515.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Security Configuration Tool (SCT)", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Automation Tool", vendor: "Siemens", versions: [ { lessThan: "V5.0 SP2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 Upd5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { lessThan: "V16 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V17", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V18", vendor: "Siemens", versions: [ { lessThan: "V18 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 UC05", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PDM V9.2", vendor: "Siemens", versions: [ { lessThan: "V9.2 SP2 Upd3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 Upd3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-PCT", vendor: "Siemens", versions: [ { lessThan: "V3.5 SP3 Update 6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC STEP 7 V5", vendor: "Siemens", versions: [ { lessThan: "V5.7 SP3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.17", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.18", vendor: "Siemens", versions: [ { lessThan: "V3.18 P025", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.19", vendor: "Siemens", versions: [ { lessThan: "V3.19 P010", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { lessThan: "V17 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V16", vendor: "Siemens", versions: [ { lessThan: "V16 Update 6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V17", vendor: "Siemens", versions: [ { lessThan: "V17 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { lessThan: "V7.5 SP2 Update 17", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V8.0", vendor: "Siemens", versions: [ { lessThan: "V8.0 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINAMICS Startdrive", vendor: "Siemens", versions: [ { lessThan: "V19 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINEC NMS", vendor: "Siemens", versions: [ { lessThan: "V3.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINEC NMS", vendor: "Siemens", versions: [ { lessThan: "V3.0 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK ONE virtual", vendor: "Siemens", versions: [ { lessThan: "V6.23", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK PLC Programming Tool", vendor: "Siemens", versions: [ { lessThan: "V3.3.12", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TIA Portal Cloud Connector", vendor: "Siemens", versions: [ { lessThan: "V2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V15.1", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V16", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V17", vendor: "Siemens", versions: [ { lessThan: "V17 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions < V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions < V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T13:53:28.579Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-962515.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-784301.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-331112.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-46280", datePublished: "2024-05-14T10:01:52.069Z", dateReserved: "2023-10-20T08:02:52.794Z", dateUpdated: "2024-12-10T13:53:28.579Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24287
Vulnerability from cvelistv5
Published
2022-05-10 09:46
Modified
2024-08-03 04:07
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 |
Version: All versions |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:07:02.492Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3 UC06", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP1 UC01", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V16 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 Upd4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 21", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP2 Update 8", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1188", description: "CWE-1188: Insecure Default Initialization of Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-14T11:03:11.010Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-24287", datePublished: "2022-05-10T09:46:57", dateReserved: "2022-02-01T00:00:00", dateUpdated: "2024-08-03T04:07:02.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-28831
Vulnerability from cvelistv5
Published
2023-09-12 09:32
Modified
2025-01-14 10:27
Severity ?
EPSS score ?
Summary
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC BRAUMAT |
Version: 0 < V8.1 SP1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T13:51:38.545Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-711309.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-118850.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC BRAUMAT", vendor: "Siemens", versions: [ { lessThan: "V8.1 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Cloud Connect 7 CC712", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Cloud Connect 7 CC716", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Comfort/Mobile RT", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Drive Controller CPU 1504D TF", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Drive Controller CPU 1504D TF", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "V3.0.1", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Drive Controller CPU 1507D TF", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Drive Controller CPU 1507D TF", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "V3.0.1", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V21.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V30.1.0", status: "affected", version: "V30.0.0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagMonitor", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { lessThan: "V16 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V17", vendor: "Siemens", versions: [ { lessThan: "V17 SP1 Update 1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS neo V4.0", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1510SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1510SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1510SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1510SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511C-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511C-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511T-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511T-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511TF-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1511TF-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512C-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512C-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1512SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1514SP F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1514SP-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1514SPT F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1514SPT-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515T-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515T-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515TF-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1515TF-2 PN", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516T-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1516TF-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1517-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1517F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1517T-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1517TF-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518F-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518T-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU 1518TF-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 Software Controller V2", vendor: "Siemens", versions: [ { lessThan: "V21.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 Software Controller V3", vendor: "Siemens", versions: [ { lessThan: "V30.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-PLCSIM Advanced", vendor: "Siemens", versions: [ { lessThan: "V5.0 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC SISTAR", vendor: "Siemens", versions: [ { lessThan: "V8.1 SP1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.17", vendor: "Siemens", versions: [ { lessThan: "V3.17 P029", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.18", vendor: "Siemens", versions: [ { lessThan: "V3.18 P019", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OA V3.19", vendor: "Siemens", versions: [ { lessThan: "V3.19 P005", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC OPC UA Client", vendor: "Siemens", versions: [ { lessThan: "V2.0.0.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V16", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V17", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V18", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Unified OPC UA Server", vendor: "Siemens", versions: [ { lessThan: "V5.0.0.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V8.0", vendor: "Siemens", versions: [ { lessThan: "V8.0 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK MC", vendor: "Siemens", versions: [ { lessThan: "V1.22", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK ONE", vendor: "Siemens", versions: [ { lessThan: "V6.22", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1511F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1513F-1 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1515F-2 PN", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1515F-2 PN RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516F-3 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1518-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1500 CPU 1518F-4 PN/DP", vendor: "Siemens", versions: [ { lessThan: "V3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.\r\n\r\nThis could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T10:27:15.947Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-711309.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-118850.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-28831", datePublished: "2023-09-12T09:32:06.153Z", dateReserved: "2023-03-24T15:17:33.934Z", dateUpdated: "2025-01-14T10:27:15.947Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }