GSD-2023-38380
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1543-1 (All versions), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS NET CP 1543-1 (All versions). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.
An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-38380",
"id": "GSD-2023-38380"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-38380"
],
"details": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1543-1 (All versions), SINAMICS S210 (6SL5...) (All versions \u003e= V6.1 \u003c V6.1 HF2), SIPLUS NET CP 1543-1 (All versions). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.\r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.",
"id": "GSD-2023-38380",
"modified": "2023-12-13T01:20:35.938849Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2023-38380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "V3.4.29"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "V3.4.29"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "*"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "V3.4.29"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-7 LTE",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "V3.4.29"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-8 IRC",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "V3.4.29"
}
]
}
},
{
"product_name": "SIMATIC CP 1543-1",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "V3.0.37"
}
]
}
},
{
"product_name": "SINAMICS S210 (6SL5...)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V6.1",
"version_value": "V6.1 HF2"
}
]
}
},
{
"product_name": "SIPLUS NET CP 1543-1",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "V3.0.37"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions \u003c V3.0.37), SINAMICS S210 (6SL5...) (All versions \u003e= V6.1 \u003c V6.1 HF2), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions \u003c V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.\r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product."
}
]
},
"impact": {
"cvss": [
{
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-401",
"lang": "eng",
"value": "CWE-401: Missing Release of Memory after Effective Lifetime"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk7243-8rx30-0xe0_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBBD0600-DB41-4DE8-97FC-2D180DA1406F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk7243-8rx30-0xe0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A50A52E7-D8FE-4071-99B3-3652B0892D07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk7543-1ax00-0xe0_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7C15EC-3C83-434B-A313-9035302EEF87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk7543-1ax00-0xe0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E42E7B79-A3D2-4AAC-80E2-7E5C19A72CC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6ag1543-1ax00-2xe0_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9373F60E-03D0-4EB2-9774-6479A8F342C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6ag1543-1ax00-2xe0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9063778-2B5F-4A32-83C8-6CEB9EE8F9C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66A2C7F2-F787-4770-8F56-E2AFF1AFD780",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D4C72C-4E84-4563-9D66-5C641AB996BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "373B769D-0E60-4362-BAE1-90BA6E0B211C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA9BB25C-D5E3-43DE-8C73-06BDC43CA960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1158D559-2A46-4BE4-B16E-C2789AD3C60E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFBFB96-1A35-4724-831B-68E3A9C32921",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3E8B50-07E9-4697-B42D-86B9BE942553",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE96226-A2DF-4A9E-8CBB-8D7CF328E404",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FC29937-7A70-4A9F-89F8-8D17E285C225",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFC3319-F07C-4784-9873-3E1907FE3080",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BEBF14B3-65A0-41E9-B99C-D88548F307CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F151297C-3097-483F-98B5-0261BD547421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1_hotfix8:*:*:*:*:*:*",
"matchCriteriaId": "4CEAB952-BBF0-4585-8F12-F25A192FAA1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:-:*:*:*:*:*:*",
"matchCriteriaId": "7F4D3F85-4CA5-438E-955E-C039F7DE91B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "59608DD3-87C3-4ED1-B0C2-AFD31A7A70A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix5:*:*:*:*:*:*",
"matchCriteriaId": "EA3D3D7E-CB48-4B8D-8101-CB0DADEEC0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "6F8FC52F-3648-410B-8BCB-76129ABC0D4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix7:*:*:*:*:*:*",
"matchCriteriaId": "59BDCF31-2D94-4D7D-9EC8-60726B10DFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3:*:*:*:*:*:*",
"matchCriteriaId": "D62C3EEA-000C-41CD-8264-4A4B6AE1BAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "EF00EE34-1A68-40F0-A9FC-FBBF268C6400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix5:*:*:*:*:*:*",
"matchCriteriaId": "C6BB896A-8C42-416E-AE03-D5A0E122BA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "B18F1100-8157-4E99-AB22-BF51EB1663B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "AA9B1D54-E3A0-4EFF-8EB2-A52B8E1F117F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:6.1:-:*:*:*:*:*:*",
"matchCriteriaId": "E509394F-9987-41D2-A866-68479FF39DCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:6.1:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "2DEB162B-6579-4280-9BCC-403C1B351002",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFA8FB3-12A9-4D2E-BCFD-C66313521C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions \u003c V3.0.37), SINAMICS S210 (6SL5...) (All versions \u003e= V6.1 \u003c V6.1 HF2), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions \u003c V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.\r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en:\nSIMATIC CP 1242-7 V2 (incluidas las variantes SIPLUS) (todas las versiones), \nSIMATIC CP 1243-1 (incluidas las variantes SIPLUS) (todas las versiones), \nSIMATIC CP 1243-1 DNP3 (incluidas las variantes SIPLUS) ) (todas las versiones), \nSIMATIC CP 1243-1 IEC (incl. variantes SIPLUS) (todas las versiones), \nSIMATIC CP 1243-7 LTE (todas las versiones), \nSIMATIC CP 1243-8 IRC (todas las versiones), \nSIMATIC CP 1543-1 (Todas las versiones), \nSINAMICS S210 (6SL5...) (Todas las versiones \u0026gt;= V6.1 \u0026lt; V6.1 HF2), \nSIPLUS NET CP 1543-1 (Todas las versiones). \nLa implementaci\u00f3n del servidor web de los productos afectados no libera correctamente la memoria asignada una vez utilizada. Un atacante con acceso a la red podr\u00eda utilizar esta vulnerabilidad para provocar una condici\u00f3n de denegaci\u00f3n de servicio en el servidor web del producto afectado."
}
],
"id": "CVE-2023-38380",
"lastModified": "2024-03-12T11:15:46.323",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Primary"
}
]
},
"published": "2023-12-12T12:15:11.477",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…