Vulnerabilites related to siemens - siplus_net_cp_443-1
CVE-2022-43716 (GCVE-0-2022-43716)
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:siemens:siplus_net_cp_443-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_net_cp_443-1", vendor: "siemens", versions: [ { lessThan: "v3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_443-1", vendor: "siemens", versions: [ { lessThan: "v3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_443-1_advanced", vendor: "siemens", versions: [ { lessThan: "v3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1242-7_gprs_v2", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-1", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-1_dnp3", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-1_iec", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-7_lte_eu", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-7_lte_us", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-8:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-8", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1542sp-1", vendor: "siemens", versions: [ { lessThan: "v2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1542sp-1_irc", vendor: "siemens", versions: [ { lessThan: "v2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1543sp-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1543sp-1", vendor: "siemens", versions: [ { lessThan: "v2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_et_200sp_cp_1542sp-1_irc_tx_rail", vendor: "siemens", versions: [ { lessThan: "v2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_et_200sp_cp_1543sp-1_isec", vendor: "siemens", versions: [ { lessThan: "v2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_et_200sp_cp_1543sp-1_isec_tx_rail", vendor: "siemens", versions: [ { lessThan: "v2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_net_cp_443-1_advanced", vendor: "siemens", versions: [ { lessThan: "v3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_net_cp_1242-7_v2", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_s7-1200_cp_1243-1", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_s7-1200_cp_1243-1_rail", vendor: "siemens", versions: [ { lessThanOrEqual: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_tim_1531_irc", vendor: "siemens", versions: [ { lessThan: "v2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_tim_1531_irc", vendor: "siemens", versions: [ { lessThan: "v2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-43716", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-09T14:12:55.560896Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-09T14:35:43.227Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T13:40:06.265Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE EU", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE US", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543SP-1", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1543SP-1 ISEC", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 1242-7 V2", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1200 CP 1243-1", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1200 CP 1243-1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:31.854Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-43716", datePublished: "2023-04-11T09:02:49.383Z", dateReserved: "2022-10-24T05:19:12.272Z", dateUpdated: "2024-09-10T09:33:31.854Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-43768 (GCVE-0-2022-43768)
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2025-02-07 16:51
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC CP 1242-7 V2 |
Version: 0 < V3.4.29 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:40:06.422Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-43768", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T16:50:58.868618Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-07T16:51:07.850Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE EU", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE US", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543SP-1", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1543SP-1 ISEC", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 1242-7 V2", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1200 CP 1243-1", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1200 CP 1243-1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:34.861Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-43768", datePublished: "2023-04-11T09:02:51.623Z", dateReserved: "2022-10-26T11:27:16.347Z", dateUpdated: "2025-02-07T16:51:07.850Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-43767 (GCVE-0-2022-43767)
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC CP 1242-7 V2 |
Version: 0 < V3.4.29 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1542sp-1", vendor: "siemens", versions: [ { lessThan: "2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1542sp-1_irc", vendor: "siemens", versions: [ { lessThan: "2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1543sp-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1543sp-1", vendor: "siemens", versions: [ { lessThan: "2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_443-1", vendor: "siemens", versions: [ { lessThan: "3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_443-1_advanced", vendor: "siemens", versions: [ { lessThan: "3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_et_200sp_cp_1542sp-1_irc_tx_rail", vendor: "siemens", versions: [ { lessThan: "2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_et_200sp_cp_1543sp-1_isec", vendor: "siemens", versions: [ { lessThan: "2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_et_200sp_cp_1543sp-1_isec_tx_rail", vendor: "siemens", versions: [ { lessThan: "2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_net_cp_1242-7_v2", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_net_cp_443-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_net_cp_443-1", vendor: "siemens", versions: [ { lessThan: "3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_net_cp_443-1_advanced", vendor: "siemens", versions: [ { lessThan: "3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_s7-1200_cp_1243-1", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1242-7_v2", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-1:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-1", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-1_dnp3", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-1_iec", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-7_lte_eu", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-7_lte_us", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_cp_1243-8_irc", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_s7-1200_cp_1243-1_rail", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "siplus_tim_1531_irc", vendor: "siemens", versions: [ { lessThan: "2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tim_1531_irc", vendor: "siemens", versions: [ { lessThan: "2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-43767", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-12T19:11:06.737320Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-12T20:11:32.129Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T13:40:06.317Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE EU", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE US", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543SP-1", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1543SP-1 ISEC", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V2.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 1242-7 V2", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1200 CP 1243-1", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-1200 CP 1243-1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V3.4.29", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TIM 1531 IRC", vendor: "Siemens", versions: [ { lessThan: "V2.3.6", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-833", description: "CWE-833: Deadlock", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:33.351Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-43767", datePublished: "2023-04-11T09:02:50.497Z", dateReserved: "2022-10-26T11:27:16.347Z", dateUpdated: "2024-09-10T09:33:33.351Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-04-11 10:15
Modified
2024-11-21 07:27
Severity ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-139628.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-566905.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-139628.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-566905.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_cp_1242-7_v2_firmware | * | |
| siemens | simatic_cp_1242-7_v2 | - | |
| siemens | simatic_cp_1243-1_firmware | * | |
| siemens | simatic_cp_1243-1 | - | |
| siemens | simatic_cp_1243-1_dnp3_firmware | * | |
| siemens | simatic_cp_1243-1_dnp3 | - | |
| siemens | simatic_cp_1243-1_iec_firmware | * | |
| siemens | simatic_cp_1243-1_iec | - | |
| siemens | simatic_cp_1243-7_lte_eu_firmware | * | |
| siemens | simatic_cp_1243-7_lte_eu | - | |
| siemens | simatic_cp_1243-7_lte_us_firmware | * | |
| siemens | simatic_cp_1243-7_lte_us | - | |
| siemens | simatic_cp_1243-8_irc_firmware | * | |
| siemens | simatic_cp_1243-8_irc | - | |
| siemens | simatic_cp_1542sp-1_firmware | * | |
| siemens | simatic_cp_1542sp-1 | - | |
| siemens | simatic_cp_1542sp-1_irc_firmware | * | |
| siemens | simatic_cp_1542sp-1_irc | - | |
| siemens | simatic_cp_1543sp-1_firmware | * | |
| siemens | simatic_cp_1543sp-1 | - | |
| siemens | simatic_cp_443-1_firmware | * | |
| siemens | simatic_cp_443-1 | - | |
| siemens | simatic_cp_443-1_advanced_firmware | * | |
| siemens | simatic_cp_443-1_advanced | - | |
| siemens | simatic_ipc_diagbase_firmware | * | |
| siemens | simatic_ipc_diagbase | - | |
| siemens | simatic_ipc_diagmonitor_firmware | * | |
| siemens | simatic_ipc_diagmonitor | - | |
| siemens | siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware | * | |
| siemens | siplus_et_200sp_cp_1542sp-1_irc_tx_rail | - | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_firmware | * | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec | - | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware | * | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_tx_rail | - | |
| siemens | siplus_net_cp_1242-7_v2_firmware | * | |
| siemens | siplus_net_cp_1242-7_v2 | - | |
| siemens | siplus_net_cp_443-1_firmware | * | |
| siemens | siplus_net_cp_443-1 | - | |
| siemens | siplus_net_cp_443-1_advanced_firmware | * | |
| siemens | siplus_net_cp_443-1_advanced | - | |
| siemens | siplus_s7-1200_cp_1243-1_firmware | * | |
| siemens | siplus_s7-1200_cp_1243-1 | - | |
| siemens | siplus_s7-1200_cp_1243-1_rail_firmware | * | |
| siemens | siplus_s7-1200_cp_1243-1_rail | - | |
| siemens | siplus_tim_1531_irc_firmware | * | |
| siemens | siplus_tim_1531_irc | - | |
| siemens | tim_1531_irc_firmware | * | |
| siemens | tim_1531_irc | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "840C5C25-1E34-42FA-8221-7232622C204F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "29D4C72C-4E84-4563-9D66-5C641AB996BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE3D7928-8E1A-400E-B790-58D6F5938E3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "CA9BB25C-D5E3-43DE-8C73-06BDC43CA960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCF9D803-FF47-4400-B2C4-1F4EE28E5AA8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*", matchCriteriaId: "2FFBFB96-1A35-4724-831B-68E3A9C32921", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE5003DA-5488-47C1-B442-9137E849FDD5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE96226-A2DF-4A9E-8CBB-8D7CF328E404", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93D43BC6-EDE3-4EE1-9410-4717EB641AD0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*", matchCriteriaId: "651C66E8-B3C0-4E88-BC7C-30BF16A7F7A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "786F3FFD-87E4-45B9-A33C-BAE58379FF39", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:-:*:*:*:*:*:*:*", matchCriteriaId: "FF9224A6-8A35-4F4F-951F-5B24B89E5FC8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2AA6B43-7FC7-465A-9CD8-E8A4D6DBCD27", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "12A45F37-1E7D-4748-ADAC-EC4C454B693A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F51B86-57EE-4DB6-B038-06726BC93D2D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0C868560-8BAE-462D-AED0-3C52EA9B6DB8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8648EF79-043D-48DE-B9F8-BF762862EE99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "E362CEA5-F47B-4294-8F2D-A0A7AC6FF390", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C8B5C37-200C-4531-8876-3E05F3DE3EC8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "843A8686-5172-4782-BB97-B5D3C6FB27A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BCDA714C-5851-4E35-806F-E0C651A1E87A", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F58423D0-954E-426E-9F8F-3DD95FBDF50C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "418A9C80-BEFD-4A1F-B1BB-6C45A9267A44", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "E478FE71-32D1-4FE4-8AC9-1C898EFFD0B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc_diagbase_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "530FD06D-E020-4EB3-87DD-F7B2FEE58008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc_diagbase:-:*:*:*:*:*:*:*", matchCriteriaId: "8784BA58-12BF-4F1C-94D6-2D15933703C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc_diagmonitor_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91371CD0-EBDF-43C5-A262-A46E1C343716", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc_diagmonitor:-:*:*:*:*:*:*:*", matchCriteriaId: "A5E06833-4C26-40AC-B6CF-F7D1322462D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE009635-7EC7-4A2F-B1FA-DD75213A25CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "FF3E5DDA-1BD4-4511-A2C8-4B5D40E6755E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9054A7B6-9569-4D65-9695-A0FFA4F56C74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:-:*:*:*:*:*:*:*", matchCriteriaId: "A60FC550-A518-46BF-9124-E21DD654981C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F488C27-C8B9-4238-8409-AB7ACA3BC849", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "25634AD2-2CC0-45AF-B5DE-39D30CBA91A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FE26E32-47C0-4976-A23A-07C1AE318C35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "116E84DA-31F7-4AAC-A1AE-491C4C98BD49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_443-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45B95689-C355-4CF1-AE7A-0860E4CEA11A", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_443-1:-:*:*:*:*:*:*:*", matchCriteriaId: "21F04D79-5815-4D36-8AA5-4866751D0DDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94CC55CF-9BA3-4BE7-9654-F6B6C4F0DA62", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "2498071A-6540-4147-8D01-3B81A5CE9A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E700BF4C-64B1-455C-A6A6-3E4D71FB91B7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F9E746CF-4009-4A14-8916-A9E0276CAF8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B3C83EF-5D93-4F0B-80F9-997261F3DBA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "4A294530-727C-4535-8B02-668DF74587D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C616E50-1F96-4A87-8470-1BA8732FCB77", versionEndExcluding: "2.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "074FDC9C-CB36-4C67-82C8-1B930FF1269F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4646AF8C-B871-4F9E-85A4-ECE8F13AFB21", versionEndExcluding: "2.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1D94BEB-BBFB-4258-9835-87DBBB999239", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.", }, ], id: "CVE-2022-43768", lastModified: "2024-11-21T07:27:11.733", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Primary", }, ], }, published: "2023-04-11T10:15:17.617", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-11 10:15
Modified
2024-11-21 07:27
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-139628.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-566905.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-139628.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-566905.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_cp_1242-7_v2_firmware | * | |
| siemens | simatic_cp_1242-7_v2 | - | |
| siemens | simatic_cp_1243-1_firmware | * | |
| siemens | simatic_cp_1243-1 | - | |
| siemens | simatic_cp_1243-1_dnp3_firmware | * | |
| siemens | simatic_cp_1243-1_dnp3 | - | |
| siemens | simatic_cp_1243-1_iec_firmware | * | |
| siemens | simatic_cp_1243-1_iec | - | |
| siemens | simatic_cp_1243-7_lte_eu_firmware | * | |
| siemens | simatic_cp_1243-7_lte_eu | - | |
| siemens | simatic_cp_1243-7_lte_us_firmware | * | |
| siemens | simatic_cp_1243-7_lte_us | - | |
| siemens | simatic_cp_1243-8_irc_firmware | * | |
| siemens | simatic_cp_1243-8_irc | - | |
| siemens | simatic_cp_1542sp-1_firmware | * | |
| siemens | simatic_cp_1542sp-1 | - | |
| siemens | simatic_cp_1542sp-1_irc_firmware | * | |
| siemens | simatic_cp_1542sp-1_irc | - | |
| siemens | simatic_cp_1543sp-1_firmware | * | |
| siemens | simatic_cp_1543sp-1 | - | |
| siemens | simatic_cp_443-1_firmware | * | |
| siemens | simatic_cp_443-1 | - | |
| siemens | simatic_cp_443-1_advanced_firmware | * | |
| siemens | simatic_cp_443-1_advanced | - | |
| siemens | simatic_ipc_diagbase_firmware | * | |
| siemens | simatic_ipc_diagbase | - | |
| siemens | simatic_ipc_diagmonitor_firmware | * | |
| siemens | simatic_ipc_diagmonitor | - | |
| siemens | siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware | * | |
| siemens | siplus_et_200sp_cp_1542sp-1_irc_tx_rail | - | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_firmware | * | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec | - | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware | * | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_tx_rail | - | |
| siemens | siplus_net_cp_1242-7_v2_firmware | * | |
| siemens | siplus_net_cp_1242-7_v2 | - | |
| siemens | siplus_net_cp_443-1_firmware | * | |
| siemens | siplus_net_cp_443-1 | - | |
| siemens | siplus_net_cp_443-1_advanced_firmware | * | |
| siemens | siplus_net_cp_443-1_advanced | - | |
| siemens | siplus_s7-1200_cp_1243-1_firmware | * | |
| siemens | siplus_s7-1200_cp_1243-1 | - | |
| siemens | siplus_s7-1200_cp_1243-1_rail_firmware | * | |
| siemens | siplus_s7-1200_cp_1243-1_rail | - | |
| siemens | siplus_tim_1531_irc_firmware | * | |
| siemens | siplus_tim_1531_irc | - | |
| siemens | tim_1531_irc_firmware | * | |
| siemens | tim_1531_irc | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "840C5C25-1E34-42FA-8221-7232622C204F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "29D4C72C-4E84-4563-9D66-5C641AB996BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE3D7928-8E1A-400E-B790-58D6F5938E3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "CA9BB25C-D5E3-43DE-8C73-06BDC43CA960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCF9D803-FF47-4400-B2C4-1F4EE28E5AA8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*", matchCriteriaId: "2FFBFB96-1A35-4724-831B-68E3A9C32921", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE5003DA-5488-47C1-B442-9137E849FDD5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE96226-A2DF-4A9E-8CBB-8D7CF328E404", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93D43BC6-EDE3-4EE1-9410-4717EB641AD0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*", matchCriteriaId: "651C66E8-B3C0-4E88-BC7C-30BF16A7F7A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "786F3FFD-87E4-45B9-A33C-BAE58379FF39", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:-:*:*:*:*:*:*:*", matchCriteriaId: "FF9224A6-8A35-4F4F-951F-5B24B89E5FC8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2AA6B43-7FC7-465A-9CD8-E8A4D6DBCD27", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "12A45F37-1E7D-4748-ADAC-EC4C454B693A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F51B86-57EE-4DB6-B038-06726BC93D2D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0C868560-8BAE-462D-AED0-3C52EA9B6DB8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8648EF79-043D-48DE-B9F8-BF762862EE99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "E362CEA5-F47B-4294-8F2D-A0A7AC6FF390", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C8B5C37-200C-4531-8876-3E05F3DE3EC8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "843A8686-5172-4782-BB97-B5D3C6FB27A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BCDA714C-5851-4E35-806F-E0C651A1E87A", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F58423D0-954E-426E-9F8F-3DD95FBDF50C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "418A9C80-BEFD-4A1F-B1BB-6C45A9267A44", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "E478FE71-32D1-4FE4-8AC9-1C898EFFD0B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc_diagbase_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "530FD06D-E020-4EB3-87DD-F7B2FEE58008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc_diagbase:-:*:*:*:*:*:*:*", matchCriteriaId: "8784BA58-12BF-4F1C-94D6-2D15933703C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc_diagmonitor_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91371CD0-EBDF-43C5-A262-A46E1C343716", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc_diagmonitor:-:*:*:*:*:*:*:*", matchCriteriaId: "A5E06833-4C26-40AC-B6CF-F7D1322462D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE009635-7EC7-4A2F-B1FA-DD75213A25CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "FF3E5DDA-1BD4-4511-A2C8-4B5D40E6755E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9054A7B6-9569-4D65-9695-A0FFA4F56C74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:-:*:*:*:*:*:*:*", matchCriteriaId: "A60FC550-A518-46BF-9124-E21DD654981C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F488C27-C8B9-4238-8409-AB7ACA3BC849", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "25634AD2-2CC0-45AF-B5DE-39D30CBA91A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FE26E32-47C0-4976-A23A-07C1AE318C35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "116E84DA-31F7-4AAC-A1AE-491C4C98BD49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_443-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45B95689-C355-4CF1-AE7A-0860E4CEA11A", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_443-1:-:*:*:*:*:*:*:*", matchCriteriaId: "21F04D79-5815-4D36-8AA5-4866751D0DDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94CC55CF-9BA3-4BE7-9654-F6B6C4F0DA62", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "2498071A-6540-4147-8D01-3B81A5CE9A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E700BF4C-64B1-455C-A6A6-3E4D71FB91B7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F9E746CF-4009-4A14-8916-A9E0276CAF8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B3C83EF-5D93-4F0B-80F9-997261F3DBA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "4A294530-727C-4535-8B02-668DF74587D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C616E50-1F96-4A87-8470-1BA8732FCB77", versionEndExcluding: "2.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "074FDC9C-CB36-4C67-82C8-1B930FF1269F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4646AF8C-B871-4F9E-85A4-ECE8F13AFB21", versionEndExcluding: "2.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1D94BEB-BBFB-4258-9835-87DBBB999239", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.", }, ], id: "CVE-2022-43716", lastModified: "2024-11-21T07:27:07.160", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2023-04-11T10:15:17.467", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-11 10:15
Modified
2024-11-21 07:27
Severity ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-139628.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-566905.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-139628.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-566905.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_cp_1242-7_v2_firmware | * | |
| siemens | simatic_cp_1242-7_v2 | - | |
| siemens | simatic_cp_1243-1_firmware | * | |
| siemens | simatic_cp_1243-1 | - | |
| siemens | simatic_cp_1243-1_dnp3_firmware | * | |
| siemens | simatic_cp_1243-1_dnp3 | - | |
| siemens | simatic_cp_1243-1_iec_firmware | * | |
| siemens | simatic_cp_1243-1_iec | - | |
| siemens | simatic_cp_1243-7_lte_eu_firmware | * | |
| siemens | simatic_cp_1243-7_lte_eu | - | |
| siemens | simatic_cp_1243-7_lte_us_firmware | * | |
| siemens | simatic_cp_1243-7_lte_us | - | |
| siemens | simatic_cp_1243-8_irc_firmware | * | |
| siemens | simatic_cp_1243-8_irc | - | |
| siemens | simatic_cp_1542sp-1_firmware | * | |
| siemens | simatic_cp_1542sp-1 | - | |
| siemens | simatic_cp_1542sp-1_irc_firmware | * | |
| siemens | simatic_cp_1542sp-1_irc | - | |
| siemens | simatic_cp_1543sp-1_firmware | * | |
| siemens | simatic_cp_1543sp-1 | - | |
| siemens | simatic_cp_443-1_firmware | * | |
| siemens | simatic_cp_443-1 | - | |
| siemens | simatic_cp_443-1_advanced_firmware | * | |
| siemens | simatic_cp_443-1_advanced | - | |
| siemens | simatic_ipc_diagbase_firmware | * | |
| siemens | simatic_ipc_diagbase | - | |
| siemens | simatic_ipc_diagmonitor_firmware | * | |
| siemens | simatic_ipc_diagmonitor | - | |
| siemens | siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware | * | |
| siemens | siplus_et_200sp_cp_1542sp-1_irc_tx_rail | - | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_firmware | * | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec | - | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware | * | |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_tx_rail | - | |
| siemens | siplus_net_cp_1242-7_v2_firmware | * | |
| siemens | siplus_net_cp_1242-7_v2 | - | |
| siemens | siplus_net_cp_443-1_firmware | * | |
| siemens | siplus_net_cp_443-1 | - | |
| siemens | siplus_net_cp_443-1_advanced_firmware | * | |
| siemens | siplus_net_cp_443-1_advanced | - | |
| siemens | siplus_s7-1200_cp_1243-1_firmware | * | |
| siemens | siplus_s7-1200_cp_1243-1 | - | |
| siemens | siplus_s7-1200_cp_1243-1_rail_firmware | * | |
| siemens | siplus_s7-1200_cp_1243-1_rail | - | |
| siemens | siplus_tim_1531_irc_firmware | * | |
| siemens | siplus_tim_1531_irc | - | |
| siemens | tim_1531_irc_firmware | * | |
| siemens | tim_1531_irc | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "840C5C25-1E34-42FA-8221-7232622C204F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "29D4C72C-4E84-4563-9D66-5C641AB996BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE3D7928-8E1A-400E-B790-58D6F5938E3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "CA9BB25C-D5E3-43DE-8C73-06BDC43CA960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCF9D803-FF47-4400-B2C4-1F4EE28E5AA8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*", matchCriteriaId: "2FFBFB96-1A35-4724-831B-68E3A9C32921", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE5003DA-5488-47C1-B442-9137E849FDD5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE96226-A2DF-4A9E-8CBB-8D7CF328E404", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93D43BC6-EDE3-4EE1-9410-4717EB641AD0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*", matchCriteriaId: "651C66E8-B3C0-4E88-BC7C-30BF16A7F7A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "786F3FFD-87E4-45B9-A33C-BAE58379FF39", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:-:*:*:*:*:*:*:*", matchCriteriaId: "FF9224A6-8A35-4F4F-951F-5B24B89E5FC8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2AA6B43-7FC7-465A-9CD8-E8A4D6DBCD27", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "12A45F37-1E7D-4748-ADAC-EC4C454B693A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F51B86-57EE-4DB6-B038-06726BC93D2D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0C868560-8BAE-462D-AED0-3C52EA9B6DB8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8648EF79-043D-48DE-B9F8-BF762862EE99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "E362CEA5-F47B-4294-8F2D-A0A7AC6FF390", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C8B5C37-200C-4531-8876-3E05F3DE3EC8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "843A8686-5172-4782-BB97-B5D3C6FB27A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BCDA714C-5851-4E35-806F-E0C651A1E87A", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F58423D0-954E-426E-9F8F-3DD95FBDF50C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "418A9C80-BEFD-4A1F-B1BB-6C45A9267A44", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "E478FE71-32D1-4FE4-8AC9-1C898EFFD0B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc_diagbase_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "530FD06D-E020-4EB3-87DD-F7B2FEE58008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc_diagbase:-:*:*:*:*:*:*:*", matchCriteriaId: "8784BA58-12BF-4F1C-94D6-2D15933703C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc_diagmonitor_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91371CD0-EBDF-43C5-A262-A46E1C343716", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc_diagmonitor:-:*:*:*:*:*:*:*", matchCriteriaId: "A5E06833-4C26-40AC-B6CF-F7D1322462D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE009635-7EC7-4A2F-B1FA-DD75213A25CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "FF3E5DDA-1BD4-4511-A2C8-4B5D40E6755E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9054A7B6-9569-4D65-9695-A0FFA4F56C74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:-:*:*:*:*:*:*:*", matchCriteriaId: "A60FC550-A518-46BF-9124-E21DD654981C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F488C27-C8B9-4238-8409-AB7ACA3BC849", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "25634AD2-2CC0-45AF-B5DE-39D30CBA91A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7FE26E32-47C0-4976-A23A-07C1AE318C35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "116E84DA-31F7-4AAC-A1AE-491C4C98BD49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_443-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45B95689-C355-4CF1-AE7A-0860E4CEA11A", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_443-1:-:*:*:*:*:*:*:*", matchCriteriaId: "21F04D79-5815-4D36-8AA5-4866751D0DDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_net_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94CC55CF-9BA3-4BE7-9654-F6B6C4F0DA62", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "2498071A-6540-4147-8D01-3B81A5CE9A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E700BF4C-64B1-455C-A6A6-3E4D71FB91B7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F9E746CF-4009-4A14-8916-A9E0276CAF8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B3C83EF-5D93-4F0B-80F9-997261F3DBA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:-:*:*:*:*:*:*:*", matchCriteriaId: "4A294530-727C-4535-8B02-668DF74587D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siplus_tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C616E50-1F96-4A87-8470-1BA8732FCB77", versionEndExcluding: "2.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "074FDC9C-CB36-4C67-82C8-1B930FF1269F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4646AF8C-B871-4F9E-85A4-ECE8F13AFB21", versionEndExcluding: "2.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1D94BEB-BBFB-4258-9835-87DBBB999239", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.", }, ], id: "CVE-2022-43767", lastModified: "2024-11-21T07:27:11.520", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Primary", }, ], }, published: "2023-04-11T10:15:17.540", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-833", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }