All the vulnerabilites related to siemens - simatic_hmi_ktp1200_basic_firmware
cve-2022-40227
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:14
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions < V17 Update 5), SIMATIC HMI KTP400 Basic (All versions < V17 Update 5), SIMATIC HMI KTP700 Basic (All versions < V17 Update 5), SIMATIC HMI KTP900 Basic (All versions < V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP700 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP900 BASIC (All versions < V17 Update 5). Affected devices do not properly validate input sent to certain services over TCP. This could allow an unauthenticated remote attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC HMI Comfort Panels (incl. SIPLUS variants) |
Version: All versions < V17 Update 4 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-384224.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 4"
}
]
},
{
"product": "SIMATIC HMI KTP Mobile Panels",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 4"
}
]
},
{
"product": "SIMATIC HMI KTP1200 Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 5"
}
]
},
{
"product": "SIMATIC HMI KTP400 Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 5"
}
]
},
{
"product": "SIMATIC HMI KTP700 Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 5"
}
]
},
{
"product": "SIMATIC HMI KTP900 Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 5"
}
]
},
{
"product": "SIPLUS HMI KTP1200 BASIC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 5"
}
]
},
{
"product": "SIPLUS HMI KTP400 BASIC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 5"
}
]
},
{
"product": "SIPLUS HMI KTP700 BASIC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 5"
}
]
},
{
"product": "SIPLUS HMI KTP900 BASIC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions \u003c V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions \u003c V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions \u003c V17 Update 5), SIMATIC HMI KTP400 Basic (All versions \u003c V17 Update 5), SIMATIC HMI KTP700 Basic (All versions \u003c V17 Update 5), SIMATIC HMI KTP900 Basic (All versions \u003c V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions \u003c V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions \u003c V17 Update 5), SIPLUS HMI KTP700 BASIC (All versions \u003c V17 Update 5), SIPLUS HMI KTP900 BASIC (All versions \u003c V17 Update 5). Affected devices do not properly validate input sent to certain services over TCP. This could allow an unauthenticated remote attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-384224.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40227",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:39.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2024-11-21 07:21
Severity ?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions < V17 Update 5), SIMATIC HMI KTP400 Basic (All versions < V17 Update 5), SIMATIC HMI KTP700 Basic (All versions < V17 Update 5), SIMATIC HMI KTP900 Basic (All versions < V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP700 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP900 BASIC (All versions < V17 Update 5). Affected devices do not properly validate input sent to certain services over TCP. This could allow an unauthenticated remote attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DCFD529-DCC6-42FE-8691-AE5B6695803D",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4EBEE7D5-F809-4225-9A06-7206020EBFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:17.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "B09B136A-D79C-479F-B8C3-8205D9C07096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "746EF905-2BE7-4D2D-A835-BD45A7EC0E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "BACB3952-99E2-4435-9ED8-062121F64B74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp400_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB67AB83-24D3-44C7-88EB-9F86C1377FE6",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp400_basic_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9C1B107D-7299-4B35-8B8A-2C7604D7E053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp400_basic_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "4CC31D37-01CC-47BF-B914-C01D67E5F7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp400_basic_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "EB517965-7DEA-4F36-9F8C-CD2ACA70011E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp400_basic_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "30D445ED-DCC8-48CC-9964-99594941E0C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp400_basic_firmware:17.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "8F89742F-A83A-47D4-9B7B-FC938E122374",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp400_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0222A331-0D6B-4CF0-AAC8-8874A8C2920D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp700_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC9BB91-C4E1-4EE3-8FB6-011D81E335B2",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp700_basic_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EBE0FA3D-E20D-4428-9882-04008F77D7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp700_basic_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "893C0FF7-56D7-42C5-8175-E9A220D9FD8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp700_basic_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "917B4B04-4AED-45C9-AB84-6C2033666284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp700_basic_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "F5DD16C0-2E48-44F5-9702-80370285A6A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp700_basic_firmware:17.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "E521B7A5-C8BD-4CBD-8D07-7173523D9947",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp700_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8615AE0-0560-4026-89E5-9122F7846318",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp900_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76F77DAF-1863-4DA7-8900-56A2C3377F56",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp900_basic_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3F4D22C3-1A81-4CC0-94EA-D4B5AEF7103C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp900_basic_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "66CF9CE6-C351-4F55-9CEC-EF28237A6765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp900_basic_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "1A113518-2D32-4C1F-ADEA-F02A24509454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp900_basic_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "8264F3AE-8DFF-4462-8073-BDCD45A874D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp900_basic_firmware:17.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "DA5DB18E-258F-4E50-97D6-B4067F747F9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp900_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2CB1B6-8864-486F-B6F8-9008367C5520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp1200_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50D8577F-6CE5-4407-A875-06321EEEA38E",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp1200_basic_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9BAD5042-0834-44DB-984D-BBC15F61C336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp1200_basic_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "D9DA5CB7-6566-4941-980A-AEE3FB303823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp1200_basic_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "6C724EA7-F8D2-41A3-83D1-584980D49879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp1200_basic_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6DA2E685-01A0-4CFE-B0C9-457F5EF7319F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp1200_basic_firmware:17.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "73087669-4164-4A95-AB5B-652032BCD204",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp1200_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF65C523-5AFA-46C4-BB97-5E540A4FAF33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B580B36D-225C-4826-A9F7-18B98B5F6ADC",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "072043EB-B855-4F1A-A326-F135C557FC1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "EBC6C232-8DA0-46EA-9F45-6C71E43622D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "8981B34C-287F-4121-9CF7-5F08D79D50FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "34D094D0-A74A-4924-A969-A60E4BFC63B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CEB200-E38F-4629-9279-5AF065396678",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp400_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CDE46F2-DDE2-448F-9F50-324D3D5BAAAF",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp400_basic_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3933A5FE-62D7-407D-A381-0132ECC87B95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp400_basic_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "B8D306FA-B376-431E-87AE-CECBB36D579A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp400_basic_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "9D45398C-11BE-4074-B48D-2B59A1861706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp400_basic_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "78B8C304-65CC-4AF4-8CD9-1ADC4F75FD79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp400_basic_firmware:17.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "93D82946-53FC-456F-AC56-7F29EE7B8CED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:siplus_hmi_ktp400_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC3E1B0-CC2B-4C34-AB6F-C61D2DF8DCA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp700_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7E344E-50C0-46CB-BB23-DBD9C6D587EC",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp700_basic_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0A97BEBC-ED88-4FA7-B3E2-00398B454038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp700_basic_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "E15BF5CD-F348-4AD5-A86A-4DE4436ECB5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp700_basic_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "70BDFDFF-3B0E-4180-B525-C36D47D49655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp700_basic_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "970D3ED3-27A1-4960-B3B6-21733D9E4943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp700_basic_firmware:17.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "E3BD885C-F063-41C6-837B-50281269611E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:siplus_hmi_ktp700_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AADB5B-4072-447D-A9BF-A0108334D727",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp900_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0426D469-72EE-4D66-987E-C21BDB9867CB",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp900_basic_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "431D187E-A8F3-4586-B7C8-72D98976A59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp900_basic_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "D652CF29-8521-45B3-AA50-55F3D4D83140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp900_basic_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "DADE0CDD-474E-48C5-9A17-3B9621B34218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp900_basic_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "1BDE0B2E-B8D4-4FD1-85B0-DAD4B5AAC160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp900_basic_firmware:17.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "02CE0AF1-7EC1-4CEF-BD42-7C4AD2684A71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:siplus_hmi_ktp900_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C79F9E9-D9B6-4D6B-9B6F-006E3268EEAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp1200_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11713C91-C989-417A-85F3-6744E9F420A4",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp1200_basic_firmware:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "031AEC4F-FCE6-4F79-B372-4D07485E20A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp1200_basic_firmware:17.0:udpate1:*:*:*:*:*:*",
"matchCriteriaId": "881F137C-1F01-4225-9257-08ED9F53583C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp1200_basic_firmware:17.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "4B9DB1DC-EC61-4B84-8624-863B4E4954AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp1200_basic_firmware:17.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "2019CF4C-4555-4357-8B8B-63895206BEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:siplus_hmi_ktp1200_basic_firmware:17.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "B92136E9-C281-43BB-BF65-EC8729C31BB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:siplus_hmi_ktp1200_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F61D1C-1127-4F37-BA30-3F36830FDF20",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions \u003c V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions \u003c V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions \u003c V17 Update 5), SIMATIC HMI KTP400 Basic (All versions \u003c V17 Update 5), SIMATIC HMI KTP700 Basic (All versions \u003c V17 Update 5), SIMATIC HMI KTP900 Basic (All versions \u003c V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions \u003c V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions \u003c V17 Update 5), SIPLUS HMI KTP700 BASIC (All versions \u003c V17 Update 5), SIPLUS HMI KTP900 BASIC (All versions \u003c V17 Update 5). Affected devices do not properly validate input sent to certain services over TCP. This could allow an unauthenticated remote attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en los paneles SIMATIC HMI Comfort (incl. variantes SIPLUS) (Todas las versiones anteriores a V17 Actualizaci\u00f3n 4), SIMATIC HMI KTP Mobile Panels (Todas las versiones anteriores a V17 Actualizaci\u00f3n 4), SIMATIC HMI KTP1200 Basic (Todas las versiones anteriores a V17 Actualizaci\u00f3n 5), SIMATIC HMI KTP400 Basic (Todas las versiones anteriores a V17 Actualizaci\u00f3n 5), SIMATIC HMI KTP700 Basic (Todas las versiones anteriores a V17 Actualizaci\u00f3n 5), SIMATIC HMI KTP900 Basic (Todas las versiones anteriores a V17 Actualizaci\u00f3n 5), SIPLUS HMI KTP1200 BASIC (Todas las versiones anteriores a V17 Actualizaci\u00f3n 5), SIPLUS HMI KTP400 BASIC (Todas las versiones anteriores a V17 Actualizaci\u00f3n 5), SIPLUS HMI KTP700 BASIC (Todas las versiones anteriores a V17 Actualizaci\u00f3n 5), SIPLUS HMI KTP900 BASIC (Todas las versiones anteriores a V17 Actualizaci\u00f3n 5). Los dispositivos afectados no comprueban apropiadamente la entrada enviada a determinados servicios a trav\u00e9s de TCP. Esto podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio permanente (requiriendo un reinicio del dispositivo) mediante el env\u00edo de paquetes TCP especialmente dise\u00f1ados"
}
],
"id": "CVE-2022-40227",
"lastModified": "2024-11-21T07:21:06.620",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-11T11:15:10.940",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-384224.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-384224.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}