All the vulnerabilites related to Siemens - TIM 1531 IRC
cve-2023-50763
Vulnerability from cvelistv5
Published
2024-06-11 11:15
Modified
2024-08-02 22:16
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of affected products, if configured to allow the import of PKCS12 containers, could end up in an infinite loop when processing incomplete certificate chains.
This could allow an authenticated remote attacker to create a denial of service condition by importing specially crafted PKCS12 containers.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50763",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-11T13:16:37.494371Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T13:16:47.844Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:16:47.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). The web server of affected products, if configured to allow the import of PKCS12 containers, could end up in an infinite loop when processing incomplete certificate chains.\r\n\r\nThis could allow an authenticated remote attacker to create a denial of service condition by importing specially crafted PKCS12 containers."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T12:04:34.906Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-50763",
"datePublished": "2024-06-11T11:15:18.921Z",
"dateReserved": "2023-12-13T11:47:39.148Z",
"dateUpdated": "2024-08-02T22:16:47.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-37205
Vulnerability from cvelistv5
Published
2022-02-09 15:16
Modified
2025-04-18 18:29
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-37205",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:12:33.320440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T18:29:47.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.9.2 \u003c V2.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V21.9 \u003c V21.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V4.5.0 \u003c V4.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.9.2 \u003c V2.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V21.9 \u003c V21.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V4.0 \u003c V4.0 SP1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401: Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:01:55.468Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-37205",
"datePublished": "2022-02-09T15:16:57.000Z",
"dateReserved": "2021-07-21T00:00:00.000Z",
"dateUpdated": "2025-04-18T18:29:47.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-30756
Vulnerability from cvelistv5
Published
2024-09-10 09:33
Modified
2024-09-10 15:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices do not properly handle certain errors when using the Expect HTTP request header, resulting in NULL dereference.
This could allow a remote attacker with no privileges to cause a denial of service condition in the system.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:09:52.396615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:10:00.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagBase",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-7 LTE (All versions \u003c V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). The web server of the affected devices do not properly handle certain errors when using the Expect HTTP request header, resulting in NULL dereference.\r\n\r\nThis could allow a remote attacker with no privileges to cause a denial of service condition in the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:40.640Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-423808.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-30756",
"datePublished": "2024-09-10T09:33:40.640Z",
"dateReserved": "2023-04-14T11:16:56.497Z",
"dateUpdated": "2024-09-10T15:10:00.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44693
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-21 13:45
Severity ?
EPSS score ?
Summary
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:16.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-44693",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:15:17.856761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:45:41.428Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller CPU 1504D TF",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller CPU 1507D TF",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.6.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511T-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513R-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515R-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515T-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517H-3 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515R-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1517H-3 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518HF-4 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284: Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T09:31:53.197Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-44693",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2021-12-07T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:45:41.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43716
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_443-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_443-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "v3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_443-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "v3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_443-1_advanced:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_443-1_advanced",
"vendor": "siemens",
"versions": [
{
"lessThan": "v3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1242-7_gprs_v2",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1_dnp3",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1_iec:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1_iec",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-7_lte_eu",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-7_lte_us",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-8:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-8",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1542sp-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1542sp-1_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1543sp-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1543sp-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1542sp-1_irc_tx_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1543sp-1_isec",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1543sp-1_isec_tx_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_443-1_advanced",
"vendor": "siemens",
"versions": [
{
"lessThan": "v3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_1242-7_v2",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_s7-1200_cp_1243-1",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_s7-1200_cp_1243-1_rail",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T14:12:55.560896Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T14:35:43.227Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:31.854Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-43716",
"datePublished": "2023-04-11T09:02:49.383Z",
"dateReserved": "2022-10-24T05:19:12.272Z",
"dateUpdated": "2024-09-10T09:33:31.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-37204
Vulnerability from cvelistv5
Published
2022-02-09 15:16
Modified
2025-04-18 18:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-37204",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:12:37.070496Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T18:33:01.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.9.2 \u003c V2.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V21.9 \u003c V21.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V4.5.0 \u003c V4.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.9.2 \u003c V2.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V21.9 \u003c V21.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V4.0 \u003c V4.0 SP1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-672",
"description": "CWE-672: Operation on a Resource after Expiration or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:01:54.435Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-37204",
"datePublished": "2022-02-09T15:16:56.000Z",
"dateReserved": "2021-07-21T00:00:00.000Z",
"dateUpdated": "2025-04-18T18:33:01.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43768
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2025-02-07 16:51
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:50:58.868618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:51:07.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:34.861Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-43768",
"datePublished": "2023-04-11T09:02:51.623Z",
"dateReserved": "2022-10-26T11:27:16.347Z",
"dateUpdated": "2025-02-07T16:51:07.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-37185
Vulnerability from cvelistv5
Published
2022-02-09 15:16
Modified
2025-04-18 18:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-37185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:12:41.029825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T18:33:19.110Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.9.2 \u003c V2.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V21.9 \u003c V21.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V4.5.0 \u003c V4.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.9.2 \u003c V2.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V21.9 \u003c V21.9.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V4.0 \u003c V4.0 SP1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-672",
"description": "CWE-672: Operation on a Resource after Expiration or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:01:53.394Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-37185",
"datePublished": "2022-02-09T15:16:44.000Z",
"dateReserved": "2021-07-21T00:00:00.000Z",
"dateUpdated": "2025-04-18T18:33:19.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28827
Vulnerability from cvelistv5
Published
2024-09-10 09:33
Modified
2024-09-10 15:11
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices do not properly handle certain requests, causing a timeout in the watchdog, which could lead to the clean up of pointers.
This could allow a remote attacker to cause a denial of service condition in the system.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:10:54.020229Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:11:03.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagBase",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-7 LTE (All versions \u003c V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). The web server of the affected devices do not properly handle certain requests, causing a timeout in the watchdog, which could lead to the clean up of pointers. \r\n\r\nThis could allow a remote attacker to cause a denial of service condition in the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:37.794Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-423808.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28827",
"datePublished": "2024-09-10T09:33:37.794Z",
"dateReserved": "2023-03-24T15:17:29.557Z",
"dateUpdated": "2024-09-10T15:11:03.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40365
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-21 13:45
Severity ?
EPSS score ?
Summary
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:44:09.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:12:11.646488Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:45:50.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller CPU 1504D TF",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller CPU 1507D TF",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.6.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511T-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513R-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515R-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515T-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517H-3 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515R-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1517H-3 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518HF-4 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T09:31:51.565Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-40365",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2021-09-01T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:45:50.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44694
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-21 13:45
Severity ?
EPSS score ?
Summary
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:16.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-44694",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:15:14.254940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:45:31.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller CPU 1504D TF",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller CPU 1507D TF",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.6.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511T-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513R-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515R-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515T-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517H-3 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515R-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1517H-3 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518HF-4 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T09:31:54.785Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-44694",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2021-12-07T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:45:31.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44695
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-21 13:45
Severity ?
EPSS score ?
Summary
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:16.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-44695",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:15:10.642001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:45:22.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller CPU 1504D TF",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Drive Controller CPU 1507D TF",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.6.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511T-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512C-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1513R-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515R-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515T-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517H-3 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1511F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1513F-1 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515R-2 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.9.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1517H-3 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518HF-4 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T09:31:56.466Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-44695",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2021-12-07T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:45:22.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43767
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1542sp-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1542sp-1_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1543sp-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1543sp-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_443-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_443-1_advanced:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_443-1_advanced",
"vendor": "siemens",
"versions": [
{
"lessThan": "3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1542sp-1_irc_tx_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1543sp-1_isec",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1543sp-1_isec_tx_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_1242-7_v2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_443-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_443-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_443-1_advanced",
"vendor": "siemens",
"versions": [
{
"lessThan": "3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_s7-1200_cp_1243-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1242-7_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1242-7_v2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1_dnp3",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1_iec:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1_iec",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-7_lte_eu",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-7_lte_us",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-8_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_s7-1200_cp_1243-1_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T19:11:06.737320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T20:11:32.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-833",
"description": "CWE-833: Deadlock",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:33.351Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-43767",
"datePublished": "2023-04-11T09:02:50.497Z",
"dateReserved": "2022-10-26T11:27:16.347Z",
"dateUpdated": "2024-09-10T09:33:33.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40225
Vulnerability from cvelistv5
Published
2024-06-11 14:19
Modified
2024-08-03 12:14
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Siemens | SIPLUS TIM 1531 IRC | |
| Siemens | TIM 1531 IRC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40225",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-11T17:07:47.612023Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T17:09:13.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681: Incorrect Conversion between Numeric Types",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T14:19:40.068Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40225",
"datePublished": "2024-06-11T14:19:40.068Z",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:39.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-30755
Vulnerability from cvelistv5
Published
2024-09-10 09:33
Modified
2024-09-10 15:10
Severity ?
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
5.9 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
5.9 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices do not properly handle the shutdown or reboot request, which could lead to the clean up of certain resources.
This could allow a remote attacker with elevated privileges to cause a denial of service condition in the system.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:10:26.969445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:10:35.515Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagBase",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-7 LTE (All versions \u003c V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). The web server of the affected devices do not properly handle the shutdown or reboot request, which could lead to the clean up of certain resources. \r\n\r\nThis could allow a remote attacker with elevated privileges to cause a denial of service condition in the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:39.215Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-423808.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-30755",
"datePublished": "2024-09-10T09:33:39.215Z",
"dateReserved": "2023-04-14T11:16:56.497Z",
"dateUpdated": "2024-09-10T15:10:35.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-202108-2236
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once. Multiple Siemens products contain fraudulent authentication vulnerabilities.Information may be obtained. Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 are the products of Germany Siemens (Siemens) company. The SIMATIC S7-1500 CPU is a CPU (Central Processing Unit) module. The SIMATIC S7-1500 is a programmable logic controller. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-2236",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "siplus cpu 1518f-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1515-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu-1516f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1507d tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1516pro-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1515-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1515f-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu 1518-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1517f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1510sp-1pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1215c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "cpu 1515t-2 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1511tf-1pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1212c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "cpu 1217c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "cpu 1215fc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "siplus cpu 1513f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu 1513-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu 1511f-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1517tf-3 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "siplus cpu 1512sp f-1pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1516tf-3 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1513pro f-2 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1515r-2 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1512sp-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1516t-3 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "siplus cpu 1512sp f-1pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "siplus cpu 1516-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1212fc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "cpu 1515tf-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1511c-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1211c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "siplus cpu 1511-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1513-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1516f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2."
},
{
"model": "siplus cpu 1516-3 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1511-1pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 software controller",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.9"
},
{
"model": "cpu 1516-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1516pro f-2 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1517t-3 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1512sp f-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1517-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu1510sp f-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1513r-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1511t-1pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1214fc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "cpu 1214c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "cpu 1512c-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "siplus cpu 1518f-4 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1517t-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1516pro f-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1"
},
{
"model": "siplus cpu-1516f-3 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1510sp-1pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu 1512sp-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1516pro-2 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1518f-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1518f-4 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "simatic s7-1500 software controller",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "simatic s7 plcsim advanced",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus cpu 1512sp-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1517f-3 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1504d tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7 plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "cpu 1515t-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1515sp pc2 tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.9"
},
{
"model": "cpu 1511tf-1pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1513f-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1516f-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "siplus cpu 1513-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "siplus cpu 1513f-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1511f-1pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu 1510sp f-1pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1511f-1pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1513f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu 1511f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1517tf-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu 1510sp f-1pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1513pro f-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1515r-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1512sp-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1516t-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1515tf-2 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1518-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1518-4 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1511-1pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1511c-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "siplus cpu 1511-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1516tf-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1512c-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1517-3 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1516-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1513-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1512sp f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1513r-1 pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu 1511t-1pn",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "cpu1510sp f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "cpu 1515f-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "siplus cpu 1518-4 pn\\/dp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.5"
},
{
"model": "tim 1531 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "cpu 1504d tf",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "cpu 1507d tf",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic drive controller family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2.9.2"
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 plcsim advanced",
"scope": "gt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2,\u003cv4"
},
{
"model": "simatic s7-1200 cpu family",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.4"
},
{
"model": "simatic s7-1500 cpu family",
"scope": "gt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2.5,\u003cv2.9.2"
},
{
"model": "simatic s7-1500 software controller",
"scope": "gt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2.5"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531v2.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"db": "NVD",
"id": "CVE-2020-28397"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported this vulnerability to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-879"
}
],
"trust": 0.6
},
"cve": "CVE-2020-28397",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-28397",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-61122",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2020-28397",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2020-28397",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-28397",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-28397",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-61122",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-879",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-28397",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"db": "VULMON",
"id": "CVE-2020-28397"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-879"
},
{
"db": "NVD",
"id": "CVE-2020-28397"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7 PLCSIM Advanced (All versions \u003e V2 \u003c V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e V2.5 \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003e V2.5 \u003c V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once. Multiple Siemens products contain fraudulent authentication vulnerabilities.Information may be obtained. Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 are the products of Germany Siemens (Siemens) company. The SIMATIC S7-1500 CPU is a CPU (Central Processing Unit) module. The SIMATIC S7-1500 is a programmable logic controller. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-28397"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULMON",
"id": "CVE-2020-28397"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-28397",
"trust": 3.9
},
{
"db": "SIEMENS",
"id": "SSA-865327",
"trust": 2.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010547",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-61122",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-257-23",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021081110",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202108-879",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-28397",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"db": "VULMON",
"id": "CVE-2020-28397"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-879"
},
{
"db": "NVD",
"id": "CVE-2020-28397"
}
]
},
"id": "VAR-202108-2236",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61122"
}
],
"trust": 1.4032859711111112
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61122"
}
]
},
"last_update_date": "2024-08-14T12:40:19.181000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-865327",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf"
},
{
"title": "Patch for Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Improper Authorization Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/285461"
},
{
"title": "Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159714"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9cd5926ec23281f7dbb4df33b5aa9ff5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"db": "VULMON",
"id": "CVE-2020-28397"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-879"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.0
},
{
"problemtype": "Illegal authentication (CWE-863) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"db": "NVD",
"id": "CVE-2020-28397"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28397"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-257-23"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/simatic-information-disclosure-via-incorrect-authorization-check-36091"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021081110"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-865327.txt"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"db": "VULMON",
"id": "CVE-2020-28397"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-879"
},
{
"db": "NVD",
"id": "CVE-2020-28397"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"db": "VULMON",
"id": "CVE-2020-28397"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-879"
},
{
"db": "NVD",
"id": "CVE-2020-28397"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"date": "2021-08-10T00:00:00",
"db": "VULMON",
"id": "CVE-2020-28397"
},
{
"date": "2022-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-879"
},
{
"date": "2021-08-10T11:15:07.423000",
"db": "NVD",
"id": "CVE-2020-28397"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61122"
},
{
"date": "2021-08-20T00:00:00",
"db": "VULMON",
"id": "CVE-2020-28397"
},
{
"date": "2022-07-05T02:10:00",
"db": "JVNDB",
"id": "JVNDB-2021-010547"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-879"
},
{
"date": "2021-12-10T19:57:38.487000",
"db": "NVD",
"id": "CVE-2020-28397"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-879"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fraudulent authentication vulnerabilities in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010547"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
var-202202-0370
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products are vulnerable to lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module.
Several Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202202-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic drive controller cpu 1504d tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 software controller",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic drive controller cpu 1507d tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "tim 1531 irc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "s7 1200 cpu 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic drive controller cpu 1504d tf",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "s7 1200 cpu 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic drive controller cpu 1507d tf",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "tim 1531 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu family",
"scope": "gt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2.5,\u003cv2.9.2"
},
{
"model": "simatic drive controller family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2.9.4"
},
{
"model": "simatic s7-1200 cpu family",
"scope": "gte",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.5.0\u003cv4.5.2"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003e=v2.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10002"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"db": "NVD",
"id": "CVE-2021-37205"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gao Jian assisted the coordinated disclosure of these vulnerabilities with Siemens.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-550"
}
],
"trust": 0.6
},
"cve": "CVE-2021-37205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2021-37205",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-10002",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-37205",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-005069",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-37205",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2021-37205",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-37205",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2022-10002",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202202-550",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10002"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-550"
},
{
"db": "NVD",
"id": "CVE-2021-37205"
},
{
"db": "NVD",
"id": "CVE-2021-37205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products are vulnerable to lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module. \n\r\n\r\nSeveral Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37205"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"db": "CNVD",
"id": "CNVD-2022-10002"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-37205",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-838121",
"trust": 2.2
},
{
"db": "ICS CERT",
"id": "ICSA-22-041-01",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU98748974",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005069",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-10002",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021105",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0605",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202202-550",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10002"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-550"
},
{
"db": "NVD",
"id": "CVE-2021-37205"
}
]
},
"id": "VAR-202202-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10002"
}
],
"trust": 1.346276972
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10002"
}
]
},
"last_update_date": "2024-08-14T12:22:53.167000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-838121",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
},
{
"title": "Patch for Multiple Siemens Industrial Products Denial of Service Vulnerabilities (CNVD-2022-10002)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/318451"
},
{
"title": "Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=181689"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10002"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-550"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-401",
"trust": 1.0
},
{
"problemtype": "Lack of memory release after expiration (CWE-401) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"db": "NVD",
"id": "CVE-2021-37205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37205"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98748974/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-prepared-packets-37484"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0605"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021105"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10002"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-550"
},
{
"db": "NVD",
"id": "CVE-2021-37205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-10002"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-550"
},
{
"db": "NVD",
"id": "CVE-2021-37205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-10002"
},
{
"date": "2023-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"date": "2022-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-550"
},
{
"date": "2022-02-09T16:15:13.393000",
"db": "NVD",
"id": "CVE-2021-37205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-10002"
},
{
"date": "2023-05-16T08:46:00",
"db": "JVNDB",
"id": "JVNDB-2022-005069"
},
{
"date": "2023-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-550"
},
{
"date": "2023-04-11T10:15:10.077000",
"db": "NVD",
"id": "CVE-2021-37205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-550"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lack of Freeing Memory After Expiration Vulnerability in Multiple Siemens Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005069"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-550"
}
],
"trust": 0.6
}
}
var-202103-1464
Vulnerability from variot
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). OpenSSL is an open source general encryption library of the Openssl team that can implement the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. Description:
Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers.
Bug Fix(es):
-
WMCO patch pub-key-hash annotation to Linux node (BZ#1945248)
-
LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath (BZ#1952917)
-
Telemetry info not completely available to identify windows nodes (BZ#1955319)
-
WMCO incorrectly shows node as ready after a failed configuration (BZ#1956412)
-
kube-proxy service terminated unexpectedly after recreated LB service (BZ#1963263)
-
Solution:
For Windows Machine Config Operator upgrades, see the following documentation:
https://docs.openshift.com/container-platform/4.7/windows_containers/window s-node-upgrades.html
- Bugs fixed (https://bugzilla.redhat.com/):
1945248 - WMCO patch pub-key-hash annotation to Linux node 1946538 - CVE-2021-25736 kubernetes: LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM 1952917 - LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath 1955319 - Telemetry info not completely available to identify windows nodes 1956412 - WMCO incorrectly shows node as ready after a failed configuration 1963263 - kube-proxy service terminated unexpectedly after recreated LB service
- Bugs fixed (https://bugzilla.redhat.com/):
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve
- JIRA issues fixed (https://issues.jboss.org/):
TRACING-1725 - Elasticsearch operator reports x509 errors communicating with ElasticSearch in OpenShift Service Mesh project
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Security Fix(es):
-
jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
-
jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
-
jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
-
jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
-
jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
-
jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)
-
jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-35728)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-36184)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource (CVE-2020-36185)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource (CVE-2020-36186)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource (CVE-2020-36187)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource (CVE-2020-36188)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSourc e (CVE-2020-36189)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing (CVE-2021-20190)
-
jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
-
jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2021:1232
All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor
For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html
- Bugs fixed (https://bugzilla.redhat.com/):
1666415 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class 1666418 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes 1666423 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes 1666428 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class 1666482 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class 1666484 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class 1666489 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class 1737517 - CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution 1859004 - Sometimes the eventrouter couldn't gather event logs. 1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 1909266 - CVE-2020-35490 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource 1909269 - CVE-2020-35491 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource 1911502 - CVE-2020-35728 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool 1913871 - CVE-2020-36179 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS 1913872 - CVE-2020-36180 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS 1913874 - CVE-2020-36181 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS 1913926 - CVE-2020-36182 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS 1913927 - CVE-2020-36183 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool 1913928 - CVE-2020-36184 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource 1913929 - CVE-2020-36185 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource 1913931 - CVE-2020-36186 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource 1913933 - CVE-2020-36187 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource 1913934 - CVE-2020-36188 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource 1913937 - CVE-2020-36189 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource 1916633 - CVE-2021-20190 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing 1925361 - [4.6] ClusterLogForwarder namespace-specific log forwarding does not work as expected 1950894 - Placeholder bug for OCP 4.6.0 extras release
Bug fix:
-
RHACM 2.0.10 images (BZ #1940452)
-
Bugs fixed (https://bugzilla.redhat.com/):
1940452 - RHACM 2.0.10 images 1944286 - CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function
- Description:
Red Hat Advanced Cluster Management for Kubernetes 2.1.6 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.
Bug fixes:
-
RHACM 2.1.6 images (BZ#1940581)
-
When generating the import cluster string, it can include unescaped characters (BZ#1934184)
-
Bugs fixed (https://bugzilla.redhat.com/):
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1929338 - CVE-2020-35149 mquery: Code injection via merge or clone operation 1934184 - When generating the import cluster string, it can include unescaped characters 1940581 - RHACM 2.1.6 images
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP7 security update Advisory ID: RHSA-2021:1199-01 Product: Red Hat JBoss Core Services Advisory URL: https://access.redhat.com/errata/RHSA-2021:1199 Issue date: 2021-04-14 CVE Names: CVE-2021-3449 CVE-2021-3450 ==================================================================== 1. Summary:
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat JBoss Core Services on RHEL 7 Server - noarch, ppc64, x86_64
- Description:
This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
- openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)
- openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1941547 - CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT 1941554 - CVE-2021-3449 openssl: NULL pointer dereference in signature_algorithms processing
- Package List:
Red Hat JBoss Core Services on RHEL 7 Server:
Source: jbcs-httpd24-httpd-2.4.37-70.jbcs.el7.src.rpm jbcs-httpd24-mod_cluster-native-1.3.14-20.Final_redhat_2.jbcs.el7.src.rpm jbcs-httpd24-mod_http2-1.15.7-14.jbcs.el7.src.rpm jbcs-httpd24-mod_jk-1.2.48-13.redhat_1.jbcs.el7.src.rpm jbcs-httpd24-mod_md-2.0.8-33.jbcs.el7.src.rpm jbcs-httpd24-mod_security-2.9.2-60.GA.jbcs.el7.src.rpm jbcs-httpd24-nghttp2-1.39.2-37.jbcs.el7.src.rpm jbcs-httpd24-openssl-1.1.1g-6.jbcs.el7.src.rpm jbcs-httpd24-openssl-chil-1.0.0-5.jbcs.el7.src.rpm jbcs-httpd24-openssl-pkcs11-0.4.10-20.jbcs.el7.src.rpm
noarch: jbcs-httpd24-httpd-manual-2.4.37-70.jbcs.el7.noarch.rpm
ppc64: jbcs-httpd24-mod_http2-1.15.7-14.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_http2-debuginfo-1.15.7-14.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_md-2.0.8-33.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_md-debuginfo-2.0.8-33.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-chil-1.0.0-5.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-chil-debuginfo-1.0.0-5.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-pkcs11-0.4.10-20.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-20.jbcs.el7.ppc64.rpm
x86_64: jbcs-httpd24-httpd-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-debuginfo-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-devel-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-selinux-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-tools-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_cluster-native-1.3.14-20.Final_redhat_2.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_cluster-native-debuginfo-1.3.14-20.Final_redhat_2.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_http2-1.15.7-14.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_http2-debuginfo-1.15.7-14.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_jk-ap24-1.2.48-13.redhat_1.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_jk-debuginfo-1.2.48-13.redhat_1.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_jk-manual-1.2.48-13.redhat_1.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_ldap-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_md-2.0.8-33.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_md-debuginfo-2.0.8-33.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_proxy_html-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_security-2.9.2-60.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_security-debuginfo-2.9.2-60.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_session-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_ssl-2.4.37-70.jbcs.el7.x86_64.rpm jbcs-httpd24-nghttp2-1.39.2-37.jbcs.el7.x86_64.rpm jbcs-httpd24-nghttp2-debuginfo-1.39.2-37.jbcs.el7.x86_64.rpm jbcs-httpd24-nghttp2-devel-1.39.2-37.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-1.1.1g-6.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-chil-1.0.0-5.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-chil-debuginfo-1.0.0-5.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.1.1g-6.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-devel-1.1.1g-6.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-libs-1.1.1g-6.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-perl-1.1.1g-6.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-pkcs11-0.4.10-20.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-20.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-static-1.1.1g-6.jbcs.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-3449 https://access.redhat.com/security/cve/CVE-2021-3450 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYHcQ4tzjgjWX9erEAQg5Zg/9FciPflU5YnbBIktqUgZAzkgIaZf3cp/A vYQu1D/5oRwfvcdbhtzgYBVB5Ha+Ut1QQRHix/3QkD2v4+pF2eAnfe6TN2ftgKyJ Qw1oOs0HGdUzSkxboZESkTGiSmaCLT7fn7dHvJ1cH0rfQx7ngYRPGLPAbSHqOaQZ gkRYTZGl+jBG/a91XBMoa+QRFT0+yQX4ps2oEGiMWZMIfWOrC4iU9NnudR1CDGE7 SWzDmjAIKP2xjfi6UVwTuuq64ROju9ginT5KPwj42Btfatnj6nTF4CIoWyfBm9LK CLBXeJOfjQUB/vjiTeLh47d1rMt7H5Jjck8imL6nfdAkzG+SKQA3yxjHztdmEFyX aDQR6T5X2lPBPdtHE0qaunS5lb/XRWh7xTQ3k34iTYvIN2wd2KqP78TwXSMEKWlV ddGQul2vakBXn4C2waTvuJE6JvvwS4Q8zQ1plpW1uOuGIRn1XAxJWV+Wkmt5eBg6 AbyXUMM7pLKiUNP1L0k7nKKx5Ta3HlnpvOpXMDlvccxwEAWoVqZ+nrmUe9bG67DK 1yEp/DR/XpKLPjCwBEW+i+nZUSpTyKe3+J962KoSJ/HISVRZaicBmGiQDCKCEbPr hnhoDO+7Y0A1GlmAd3ZkHu+k97louMpIkRsghdZ7el3D1Hx2EhP/HSQqHI5QCyMl qQeHglPylHU=m11c -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-1464",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic pdm",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "9.1.0.7"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "14.14.0"
},
{
"model": "scalance w700",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "6.5"
},
{
"model": "multi-domain management",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r81"
},
{
"model": "web gateway cloud service",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "10.1.1"
},
{
"model": "simatic logon",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "web gateway cloud service",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "9.2.10"
},
{
"model": "log correlation engine",
"scope": "lt",
"trust": 1.0,
"vendor": "tenable",
"version": "6.0.9"
},
{
"model": "simatic mv500",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic net cp1243-7 lte eu",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "graalvm",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "20.3.1.2"
},
{
"model": "primavera unifier",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.12"
},
{
"model": "graalvm",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "12.2"
},
{
"model": "tenable.sc",
"scope": "gte",
"trust": 1.0,
"vendor": "tenable",
"version": "5.13.0"
},
{
"model": "simatic pcs neo",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance s602",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.1"
},
{
"model": "simatic wincc runtime advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "12.12.0"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.24.0"
},
{
"model": "simatic rf185c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinec infrastructure network services",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0.1.1"
},
{
"model": "nessus",
"scope": "lte",
"trust": 1.0,
"vendor": "tenable",
"version": "8.13.1"
},
{
"model": "nessus network monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "tenable",
"version": "5.11.0"
},
{
"model": "mysql server",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.15"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.1k"
},
{
"model": "primavera unifier",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.7"
},
{
"model": "simatic net cp 1543sp-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1"
},
{
"model": "zfs storage appliance kit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.8"
},
{
"model": "sinamics connect 300",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "nessus network monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "tenable",
"version": "5.12.1"
},
{
"model": "tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2"
},
{
"model": "scalance s623",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.1"
},
{
"model": "simatic net cp 1243-8 irc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "essbase",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.2"
},
{
"model": "simatic net cp1243-7 lte us",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "sinec nms",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "sinema server",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "14.0"
},
{
"model": "scalance m-800",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "6.2"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "simatic rf166c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "oncommand insight",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1242-7 gprs v2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "simatic hmi basic panels 2nd generation",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic rf186c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "14.0.0"
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "ruggedcom rcm1224",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "6.2"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.58"
},
{
"model": "sma100",
"scope": "lt",
"trust": 1.0,
"vendor": "sonicwall",
"version": "10.2.1.0-17sv"
},
{
"model": "scalance sc-600",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.57"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "10.1.1"
},
{
"model": "simatic rf186ci",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "9.2.10"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.1"
},
{
"model": "communications communications policy management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.6.0.0.0"
},
{
"model": "simatic process historian opc ua server",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2019"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "12.0.0"
},
{
"model": "primavera unifier",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.12"
},
{
"model": "simatic rf188ci",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic net cp 1545-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "graalvm",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.0.0.2"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.13.0"
},
{
"model": "mysql server",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.23"
},
{
"model": "simatic net cp 1543-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2"
},
{
"model": "scalance lpe9403",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic net cp 1243-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "scalance s615",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "6.2"
},
{
"model": "simatic net cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "12.13.0"
},
{
"model": "scalance xb-200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.3"
},
{
"model": "scalance xf-200ba",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "simatic cloud connect 7",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1"
},
{
"model": "secure backup",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "18.1.0.1.0"
},
{
"model": "simatic hmi comfort outdoor panels",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance s627-2m",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.1"
},
{
"model": "tenable.sc",
"scope": "lte",
"trust": 1.0,
"vendor": "tenable",
"version": "5.17.0"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "mysql server",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.7.33"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.12.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "14.15.0"
},
{
"model": "cloud volumes ontap mediator",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "simatic cloud connect 7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "nessus network monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "tenable",
"version": "5.13.0"
},
{
"model": "simatic rf360r",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "tim 1531 irc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic logon",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "1.6.0.2"
},
{
"model": "sinec pni",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xr524-8c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.4"
},
{
"model": "nessus network monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "tenable",
"version": "5.12.0"
},
{
"model": "jd edwards world security",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "a9.4"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik opc ua server",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xm-400",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.4"
},
{
"model": "primavera unifier",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "tia administrator",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "15.14.0"
},
{
"model": "e-series performance analyzer",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "mysql connectors",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.23"
},
{
"model": "scalance xc-200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.3"
},
{
"model": "quantum security gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r80.40"
},
{
"model": "nessus network monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "tenable",
"version": "5.11.1"
},
{
"model": "quantum security management",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r80.40"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.2.19"
},
{
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "sonicos",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "7.0.1.0"
},
{
"model": "scalance xp-200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.3"
},
{
"model": "scalance xr-300wg",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.3"
},
{
"model": "simatic hmi ktp mobile panels",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "quantum security gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r81"
},
{
"model": "quantum security management",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r81"
},
{
"model": "simatic wincc telecontrol",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "primavera unifier",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "20.12"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "15.0.0"
},
{
"model": "scalance s612",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.1"
},
{
"model": "simatic net cp 1542sp-1 irc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1"
},
{
"model": "santricity smi-s provider",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "scalance xr528-6m",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.4"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "12.22.1"
},
{
"model": "sma100",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "10.2.0.0"
},
{
"model": "snapcenter",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "web gateway cloud service",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.2.19"
},
{
"model": "mysql workbench",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.23"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.59"
},
{
"model": "capture client",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "3.5"
},
{
"model": "scalance xr552-12",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.4"
},
{
"model": "simatic pcs 7 telecontrol",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic rf188c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "enterprise manager for storage management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.4.0.0"
},
{
"model": "scalance xr526-8c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.4"
},
{
"model": "scalance w1700",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.0.0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "14.16.1"
},
{
"model": "storagegrid",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1242-7 gprs v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "multi-domain management",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r80.40"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3449"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "163257"
},
{
"db": "PACKETSTORM",
"id": "163267"
},
{
"db": "PACKETSTORM",
"id": "163276"
},
{
"db": "PACKETSTORM",
"id": "162350"
},
{
"db": "PACKETSTORM",
"id": "162383"
},
{
"db": "PACKETSTORM",
"id": "162337"
},
{
"db": "PACKETSTORM",
"id": "162196"
},
{
"db": "PACKETSTORM",
"id": "162201"
}
],
"trust": 0.8
},
"cve": "CVE-2021-3449",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2021-3449",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-388130",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2021-3449",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-3449",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-388130",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-388130"
},
{
"db": "NVD",
"id": "CVE-2021-3449"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). OpenSSL is an open source general encryption library of the Openssl team that can implement the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. Description:\n\nWindows Container Support for Red Hat OpenShift allows you to deploy\nWindows container workloads running on Windows Server containers. \n\nBug Fix(es):\n\n* WMCO patch pub-key-hash annotation to Linux node (BZ#1945248)\n\n* LoadBalancer Service type with invalid external loadbalancer IP breaks\nthe datapath (BZ#1952917)\n\n* Telemetry info not completely available to identify windows nodes\n(BZ#1955319)\n\n* WMCO incorrectly shows node as ready after a failed configuration\n(BZ#1956412)\n\n* kube-proxy service terminated unexpectedly after recreated LB service\n(BZ#1963263)\n\n3. Solution:\n\nFor Windows Machine Config Operator upgrades, see the following\ndocumentation:\n\nhttps://docs.openshift.com/container-platform/4.7/windows_containers/window\ns-node-upgrades.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1945248 - WMCO patch pub-key-hash annotation to Linux node\n1946538 - CVE-2021-25736 kubernetes: LoadBalancer Service type don\u0027t create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM\n1952917 - LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath\n1955319 - Telemetry info not completely available to identify windows nodes\n1956412 - WMCO incorrectly shows node as ready after a failed configuration\n1963263 - kube-proxy service terminated unexpectedly after recreated LB service\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers\n1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nTRACING-1725 - Elasticsearch operator reports x509 errors communicating with ElasticSearch in OpenShift Service Mesh project\n\n6. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nSecurity Fix(es):\n\n* jackson-databind: arbitrary code execution in slf4j-ext class\n(CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and\nblaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in\naxis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class\n(CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in\njboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: Serialization gadgets in\ncom.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool\n(CVE-2020-35728)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\noadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource\n(CVE-2020-36184)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource\n(CVE-2020-36185)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource\n(CVE-2020-36186)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource\n(CVE-2020-36187)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource\n(CVE-2020-36188)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSourc\ne (CVE-2020-36189)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to javax.swing (CVE-2021-20190)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class\n(CVE-2018-14721)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n- -between-minor.html#understanding-upgrade-channels_updating-cluster-between\n- -minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n- -cli.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1666415 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class\n1666418 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes\n1666423 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes\n1666428 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class\n1666482 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class\n1666484 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class\n1666489 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class\n1737517 - CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution\n1859004 - Sometimes the eventrouter couldn\u0027t gather event logs. \n1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration\n1909266 - CVE-2020-35490 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource\n1909269 - CVE-2020-35491 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource\n1911502 - CVE-2020-35728 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool\n1913871 - CVE-2020-36179 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS\n1913872 - CVE-2020-36180 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS\n1913874 - CVE-2020-36181 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS\n1913926 - CVE-2020-36182 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS\n1913927 - CVE-2020-36183 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool\n1913928 - CVE-2020-36184 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource\n1913929 - CVE-2020-36185 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource\n1913931 - CVE-2020-36186 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource\n1913933 - CVE-2020-36187 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource\n1913934 - CVE-2020-36188 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource\n1913937 - CVE-2020-36189 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\n1916633 - CVE-2021-20190 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing\n1925361 - [4.6] ClusterLogForwarder namespace-specific log forwarding does not work as expected\n1950894 - Placeholder bug for OCP 4.6.0 extras release\n\n5. \n\nBug fix:\n\n* RHACM 2.0.10 images (BZ #1940452)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1940452 - RHACM 2.0.10 images\n1944286 - CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function\n\n5. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.1.6 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. \n\nBug fixes:\n\n* RHACM 2.1.6 images (BZ#1940581)\n\n* When generating the import cluster string, it can include unescaped\ncharacters (BZ#1934184)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash\n1929338 - CVE-2020-35149 mquery: Code injection via merge or clone operation\n1934184 - When generating the import cluster string, it can include unescaped characters\n1940581 - RHACM 2.1.6 images\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP7 security update\nAdvisory ID: RHSA-2021:1199-01\nProduct: Red Hat JBoss Core Services\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:1199\nIssue date: 2021-04-14\nCVE Names: CVE-2021-3449 CVE-2021-3450\n====================================================================\n1. Summary:\n\nUpdated packages that provide Red Hat JBoss Core Services Pack Apache\nServer 2.4.37 and fix several bugs, and add various enhancements are now\navailable for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat JBoss Core Services on RHEL 7 Server - noarch, ppc64, x86_64\n\n3. Description:\n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages\nthat are part of the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack\nApache Server 2.4.37 Service Pack 6 and includes bug fixes and\nenhancements. Refer to the Release Notes for information on the most\nsignificant bug fixes and enhancements included in this release. \n\nSecurity fix(es):\n\n* openssl: NULL pointer dereference in signature_algorithms processing\n(CVE-2021-3449)\n* openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT\n(CVE-2021-3450)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1941547 - CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT\n1941554 - CVE-2021-3449 openssl: NULL pointer dereference in signature_algorithms processing\n\n6. Package List:\n\nRed Hat JBoss Core Services on RHEL 7 Server:\n\nSource:\njbcs-httpd24-httpd-2.4.37-70.jbcs.el7.src.rpm\njbcs-httpd24-mod_cluster-native-1.3.14-20.Final_redhat_2.jbcs.el7.src.rpm\njbcs-httpd24-mod_http2-1.15.7-14.jbcs.el7.src.rpm\njbcs-httpd24-mod_jk-1.2.48-13.redhat_1.jbcs.el7.src.rpm\njbcs-httpd24-mod_md-2.0.8-33.jbcs.el7.src.rpm\njbcs-httpd24-mod_security-2.9.2-60.GA.jbcs.el7.src.rpm\njbcs-httpd24-nghttp2-1.39.2-37.jbcs.el7.src.rpm\njbcs-httpd24-openssl-1.1.1g-6.jbcs.el7.src.rpm\njbcs-httpd24-openssl-chil-1.0.0-5.jbcs.el7.src.rpm\njbcs-httpd24-openssl-pkcs11-0.4.10-20.jbcs.el7.src.rpm\n\nnoarch:\njbcs-httpd24-httpd-manual-2.4.37-70.jbcs.el7.noarch.rpm\n\nppc64:\njbcs-httpd24-mod_http2-1.15.7-14.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_http2-debuginfo-1.15.7-14.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_md-2.0.8-33.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_md-debuginfo-2.0.8-33.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-chil-1.0.0-5.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-chil-debuginfo-1.0.0-5.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-pkcs11-0.4.10-20.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-20.jbcs.el7.ppc64.rpm\n\nx86_64:\njbcs-httpd24-httpd-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-debuginfo-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-devel-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-selinux-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-tools-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_cluster-native-1.3.14-20.Final_redhat_2.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_cluster-native-debuginfo-1.3.14-20.Final_redhat_2.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_http2-1.15.7-14.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_http2-debuginfo-1.15.7-14.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_jk-ap24-1.2.48-13.redhat_1.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_jk-debuginfo-1.2.48-13.redhat_1.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_jk-manual-1.2.48-13.redhat_1.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_ldap-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_md-2.0.8-33.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_md-debuginfo-2.0.8-33.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_proxy_html-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_security-2.9.2-60.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_security-debuginfo-2.9.2-60.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_session-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_ssl-2.4.37-70.jbcs.el7.x86_64.rpm\njbcs-httpd24-nghttp2-1.39.2-37.jbcs.el7.x86_64.rpm\njbcs-httpd24-nghttp2-debuginfo-1.39.2-37.jbcs.el7.x86_64.rpm\njbcs-httpd24-nghttp2-devel-1.39.2-37.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-1.1.1g-6.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-chil-1.0.0-5.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-chil-debuginfo-1.0.0-5.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-debuginfo-1.1.1g-6.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-devel-1.1.1g-6.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-libs-1.1.1g-6.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-perl-1.1.1g-6.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-pkcs11-0.4.10-20.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-20.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-static-1.1.1g-6.jbcs.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-3449\nhttps://access.redhat.com/security/cve/CVE-2021-3450\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYHcQ4tzjgjWX9erEAQg5Zg/9FciPflU5YnbBIktqUgZAzkgIaZf3cp/A\nvYQu1D/5oRwfvcdbhtzgYBVB5Ha+Ut1QQRHix/3QkD2v4+pF2eAnfe6TN2ftgKyJ\nQw1oOs0HGdUzSkxboZESkTGiSmaCLT7fn7dHvJ1cH0rfQx7ngYRPGLPAbSHqOaQZ\ngkRYTZGl+jBG/a91XBMoa+QRFT0+yQX4ps2oEGiMWZMIfWOrC4iU9NnudR1CDGE7\nSWzDmjAIKP2xjfi6UVwTuuq64ROju9ginT5KPwj42Btfatnj6nTF4CIoWyfBm9LK\nCLBXeJOfjQUB/vjiTeLh47d1rMt7H5Jjck8imL6nfdAkzG+SKQA3yxjHztdmEFyX\naDQR6T5X2lPBPdtHE0qaunS5lb/XRWh7xTQ3k34iTYvIN2wd2KqP78TwXSMEKWlV\nddGQul2vakBXn4C2waTvuJE6JvvwS4Q8zQ1plpW1uOuGIRn1XAxJWV+Wkmt5eBg6\nAbyXUMM7pLKiUNP1L0k7nKKx5Ta3HlnpvOpXMDlvccxwEAWoVqZ+nrmUe9bG67DK\n1yEp/DR/XpKLPjCwBEW+i+nZUSpTyKe3+J962KoSJ/HISVRZaicBmGiQDCKCEbPr\nhnhoDO+7Y0A1GlmAd3ZkHu+k97louMpIkRsghdZ7el3D1Hx2EhP/HSQqHI5QCyMl\nqQeHglPylHU=m11c\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3449"
},
{
"db": "VULHUB",
"id": "VHN-388130"
},
{
"db": "PACKETSTORM",
"id": "163257"
},
{
"db": "PACKETSTORM",
"id": "163267"
},
{
"db": "PACKETSTORM",
"id": "163276"
},
{
"db": "PACKETSTORM",
"id": "162350"
},
{
"db": "PACKETSTORM",
"id": "162383"
},
{
"db": "PACKETSTORM",
"id": "162337"
},
{
"db": "PACKETSTORM",
"id": "162196"
},
{
"db": "PACKETSTORM",
"id": "162201"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-3449",
"trust": 1.9
},
{
"db": "TENABLE",
"id": "TNS-2021-06",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2021-09",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2021-05",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2021-10",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/03/28/3",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/03/27/2",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/03/28/4",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/03/27/1",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-772220",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-389290",
"trust": 1.1
},
{
"db": "PULSESECURE",
"id": "SA44845",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10356",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "163257",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162350",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162383",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162337",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162196",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162201",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162197",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162114",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162076",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162041",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162013",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162183",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162699",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162151",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162189",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162172",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161984",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162307",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162200",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-99170",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-388130",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163276",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-388130"
},
{
"db": "PACKETSTORM",
"id": "163257"
},
{
"db": "PACKETSTORM",
"id": "163267"
},
{
"db": "PACKETSTORM",
"id": "163276"
},
{
"db": "PACKETSTORM",
"id": "162350"
},
{
"db": "PACKETSTORM",
"id": "162383"
},
{
"db": "PACKETSTORM",
"id": "162337"
},
{
"db": "PACKETSTORM",
"id": "162196"
},
{
"db": "PACKETSTORM",
"id": "162201"
},
{
"db": "NVD",
"id": "CVE-2021-3449"
}
]
},
"id": "VAR-202103-1464",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-388130"
}
],
"trust": 0.69085685
},
"last_update_date": "2024-09-19T22:06:59.925000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-388130"
},
{
"db": "NVD",
"id": "CVE-2021-3449"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-openssl-2021-ghy28djd"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
},
{
"trust": 1.1,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa44845"
},
{
"trust": 1.1,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2021-0013"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
},
{
"trust": 1.1,
"url": "https://www.openssl.org/news/secadv/20210325.txt"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2021-05"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2021-06"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2021-09"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2021-10"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2021/dsa-4875"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202103-03"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-21:07.openssl.asc"
},
{
"trust": 1.1,
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
},
{
"trust": 1.0,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=fb9fa6b51defd48157eeb207f52181f735d96148"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10356"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ccbfllvqvilivgzmbjl3ixzgkwqisynp/"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2021-3449"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2021-3450"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3449"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3450"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2021-20305"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20305"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25013"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29362"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-29361"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-2708"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8286"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8284"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-28196"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-15358"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15358"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8927"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13434"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-14502"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-29362"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8285"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8285"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14502"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8286"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-29363"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9169"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10228"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27618"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8927"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3842"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-13434"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2708"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13776"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-10228"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29363"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-24977"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-3842"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-13776"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25013"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8231"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9169"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3326"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8231"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-27219"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8284"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24977"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29361"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-27618"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28196"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28362"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-28362"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27219"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26116"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23336"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.7/jaeger/jaeger_install/rhb"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3114"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-26116"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-27619"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23336"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3177"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27619"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27363"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3347"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-28374"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-27364"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26708"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27365"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0466"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-27152"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-27363"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27152"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3347"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-27365"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-0466"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27364"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28374"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-26708"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10356"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ccbfllvqvilivgzmbjl3ixzgkwqisynp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25736"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2130"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/windows_containers/window"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3326"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25736"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2532"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3114"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28500"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28500"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13949"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13949"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23337"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36189"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-19360"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14720"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14718"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36179"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35490"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36180"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14720"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35491"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35490"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35728"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36180"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36186"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.6/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19360"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36187"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-19362"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19362"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36188"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14721"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36179"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14721"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24750"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36186"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36187"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36189"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1230"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2021:1232"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-19361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35728"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14379"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23358"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23358"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-16845"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-16845"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20218"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20218"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3121"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1369"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3121"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35149"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35149"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14040"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1199"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1202"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-388130"
},
{
"db": "PACKETSTORM",
"id": "163257"
},
{
"db": "PACKETSTORM",
"id": "163267"
},
{
"db": "PACKETSTORM",
"id": "163276"
},
{
"db": "PACKETSTORM",
"id": "162350"
},
{
"db": "PACKETSTORM",
"id": "162383"
},
{
"db": "PACKETSTORM",
"id": "162337"
},
{
"db": "PACKETSTORM",
"id": "162196"
},
{
"db": "PACKETSTORM",
"id": "162201"
},
{
"db": "NVD",
"id": "CVE-2021-3449"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-388130"
},
{
"db": "PACKETSTORM",
"id": "163257"
},
{
"db": "PACKETSTORM",
"id": "163267"
},
{
"db": "PACKETSTORM",
"id": "163276"
},
{
"db": "PACKETSTORM",
"id": "162350"
},
{
"db": "PACKETSTORM",
"id": "162383"
},
{
"db": "PACKETSTORM",
"id": "162337"
},
{
"db": "PACKETSTORM",
"id": "162196"
},
{
"db": "PACKETSTORM",
"id": "162201"
},
{
"db": "NVD",
"id": "CVE-2021-3449"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-25T00:00:00",
"db": "VULHUB",
"id": "VHN-388130"
},
{
"date": "2021-06-23T15:44:15",
"db": "PACKETSTORM",
"id": "163257"
},
{
"date": "2021-06-23T16:08:25",
"db": "PACKETSTORM",
"id": "163267"
},
{
"date": "2021-06-24T17:54:53",
"db": "PACKETSTORM",
"id": "163276"
},
{
"date": "2021-04-27T15:37:46",
"db": "PACKETSTORM",
"id": "162350"
},
{
"date": "2021-04-29T14:37:49",
"db": "PACKETSTORM",
"id": "162383"
},
{
"date": "2021-04-26T19:21:56",
"db": "PACKETSTORM",
"id": "162337"
},
{
"date": "2021-04-15T13:49:54",
"db": "PACKETSTORM",
"id": "162196"
},
{
"date": "2021-04-15T13:50:39",
"db": "PACKETSTORM",
"id": "162201"
},
{
"date": "2021-03-25T15:15:13.450000",
"db": "NVD",
"id": "CVE-2021-3449"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-388130"
},
{
"date": "2024-06-21T19:15:19.710000",
"db": "NVD",
"id": "CVE-2021-3449"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Security Advisory 2021-2130-01",
"sources": [
{
"db": "PACKETSTORM",
"id": "163257"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "163276"
},
{
"db": "PACKETSTORM",
"id": "162350"
},
{
"db": "PACKETSTORM",
"id": "162383"
}
],
"trust": 0.3
}
}
var-201803-2158
Vulnerability from variot
A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. Successful exploitation could allow to cause a denial-of-service, or read and manipulate data as well as configuration settings of the affected device. At the stage of publishing this security advisory no public exploitation is known. Siemens provides mitigations to resolve it. TIM 1531 IRC Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens TIM 1531 IRC is a communication module from Siemens AG in Germany for processing data transmissions using the Siemens remote control protocol SINAUT ST7. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-2158",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tim 1531 irc",
"scope": "lt",
"trust": 1.8,
"vendor": "siemens",
"version": "1.1"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003c1.0"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "15311.0"
},
{
"model": "tim irc",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "15311.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tim 1531 irc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"db": "BID",
"id": "103576"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"db": "NVD",
"id": "CVE-2018-4841"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:siemens:tim_1531_irc_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "103576"
}
],
"trust": 0.3
},
"cve": "CVE-2018-4841",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-4841",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-07036",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-4841",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-4841",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-4841",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-4841",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-07036",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-1133",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-4841",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"db": "VULMON",
"id": "CVE-2018-4841"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-1133"
},
{
"db": "NVD",
"id": "CVE-2018-4841"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in TIM 1531 IRC (All versions \u003c V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. Successful exploitation could allow to cause a denial-of-service, or read and manipulate data as well as configuration settings of the affected device. At the stage of publishing this security advisory no public exploitation is known. Siemens provides mitigations to resolve it. TIM 1531 IRC Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens TIM 1531 IRC is a communication module from Siemens AG in Germany for processing data transmissions using the Siemens remote control protocol SINAUT ST7. \nAn attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4841"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"db": "BID",
"id": "103576"
},
{
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"db": "VULMON",
"id": "CVE-2018-4841"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4841",
"trust": 3.6
},
{
"db": "BID",
"id": "103576",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-088-02",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-110922",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2018-07036",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-1133",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003574",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2EA7D80-39AB-11E9-9A69-000C29342CB1",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2018-4841",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"db": "VULMON",
"id": "CVE-2018-4841"
},
{
"db": "BID",
"id": "103576"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-1133"
},
{
"db": "NVD",
"id": "CVE-2018-4841"
}
]
},
"id": "VAR-201803-2158",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07036"
}
],
"trust": 1.6636364000000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07036"
}
]
},
"last_update_date": "2024-08-14T15:02:44.471000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-110922",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-110922.pdf"
},
{
"title": "Siemens TIM 1531 IRC Security Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/124861"
},
{
"title": "Siemens TIM 1531 IRC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82885"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=12885f7d95d11b73fe4d1a1708218101"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"db": "VULMON",
"id": "CVE-2018-4841"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-1133"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-303",
"trust": 1.0
},
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"db": "NVD",
"id": "CVE-2018-4841"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/103576"
},
{
"trust": 1.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-088-02"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-110922.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4841"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4841"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"db": "VULMON",
"id": "CVE-2018-4841"
},
{
"db": "BID",
"id": "103576"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-1133"
},
{
"db": "NVD",
"id": "CVE-2018-4841"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"db": "VULMON",
"id": "CVE-2018-4841"
},
{
"db": "BID",
"id": "103576"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-1133"
},
{
"db": "NVD",
"id": "CVE-2018-4841"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-04T00:00:00",
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"date": "2018-04-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"date": "2018-03-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4841"
},
{
"date": "2018-03-29T00:00:00",
"db": "BID",
"id": "103576"
},
{
"date": "2018-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"date": "2018-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-1133"
},
{
"date": "2018-03-29T13:29:00.210000",
"db": "NVD",
"id": "CVE-2018-4841"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-07036"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4841"
},
{
"date": "2018-03-29T00:00:00",
"db": "BID",
"id": "103576"
},
{
"date": "2018-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003574"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-1133"
},
{
"date": "2023-03-24T17:36:34.353000",
"db": "NVD",
"id": "CVE-2018-4841"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-1133"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens TIM 1531 IRC Security Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2ea7d80-39ab-11e9-9a69-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07036"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-1133"
}
],
"trust": 0.6
}
}
var-201812-0347
Vulnerability from variot
A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp, although configured. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. At the time of advisory publication no public exploitation of this vulnerability was known. TIM 1531 IRC Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens TIM 1531 IRC is a communication module from Siemens AG, Germany. A security vulnerability exists in a version of the Siemens TIM 1531 IRC 2.0 that was caused by a device failing to authenticate properly when connecting on a 102/tcp port. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0347",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tim 1531 irc",
"scope": "lt",
"trust": 1.8,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 1.2,
"vendor": "siemens",
"version": "1531\u003cv2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "tim 1531 irc",
"version": "*"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "15311.1"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "15311.0"
},
{
"model": "tim irc",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "15312.0"
}
],
"sources": [
{
"db": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1"
},
{
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"db": "BID",
"id": "106194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"db": "NVD",
"id": "CVE-2018-13816"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:siemens:tim_1531_irc_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "106194"
}
],
"trust": 0.3
},
"cve": "CVE-2018-13816",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-13816",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-25397",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-25424",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d806041-463f-11e9-9db3-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-13816",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-13816",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-13816",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-25397",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-25424",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-646",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-13816",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1"
},
{
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"db": "VULMON",
"id": "CVE-2018-13816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-646"
},
{
"db": "NVD",
"id": "CVE-2018-13816"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in TIM 1531 IRC (All version \u003c V2.0). The devices was missing proper authentication on port 102/tcp, although configured. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. At the time of advisory publication no public exploitation of this vulnerability was known. TIM 1531 IRC Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens TIM 1531 IRC is a communication module from Siemens AG, Germany. A security vulnerability exists in a version of the Siemens TIM 1531 IRC 2.0 that was caused by a device failing to authenticate properly when connecting on a 102/tcp port. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-13816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"db": "BID",
"id": "106194"
},
{
"db": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1"
},
{
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"db": "VULMON",
"id": "CVE-2018-13816"
}
],
"trust": 3.42
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-13816",
"trust": 4.4
},
{
"db": "SIEMENS",
"id": "SSA-982399",
"trust": 3.2
},
{
"db": "BID",
"id": "106194",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201812-646",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-352-05",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25397",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-25424",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014043",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D806041-463F-11E9-9DB3-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D8198C0-463F-11E9-B4E9-000C29342CB1",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2018-13816",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1"
},
{
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"db": "VULMON",
"id": "CVE-2018-13816"
},
{
"db": "BID",
"id": "106194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-646"
},
{
"db": "NVD",
"id": "CVE-2018-13816"
}
]
},
"id": "VAR-201812-0347",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1"
},
{
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
}
],
"trust": 2.4636364
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1"
},
{
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
}
]
},
"last_update_date": "2024-08-14T14:51:23.453000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-982399",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-982399.pdf"
},
{
"title": "Siemens TIM 1531 IRC Certification Missing Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/147297"
},
{
"title": "Patch for Siemens TIM 1531 IRC Authentication Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/147337"
},
{
"title": "Siemens TIM 1531 IRC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87884"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-646"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
},
{
"problemtype": "CWE-284",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"db": "NVD",
"id": "CVE-2018-13816"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-982399.pdf"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/106194"
},
{
"trust": 0.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-352-05"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13816"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13816"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"db": "VULMON",
"id": "CVE-2018-13816"
},
{
"db": "BID",
"id": "106194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-646"
},
{
"db": "NVD",
"id": "CVE-2018-13816"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1"
},
{
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"db": "VULMON",
"id": "CVE-2018-13816"
},
{
"db": "BID",
"id": "106194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-646"
},
{
"db": "NVD",
"id": "CVE-2018-13816"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d806041-463f-11e9-9db3-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULMON",
"id": "CVE-2018-13816"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106194"
},
{
"date": "2019-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"date": "2018-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-646"
},
{
"date": "2018-12-12T16:29:00.747000",
"db": "NVD",
"id": "CVE-2018-13816"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25397"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25424"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-13816"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106194"
},
{
"date": "2019-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014043"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-646"
},
{
"date": "2019-10-09T23:34:34.293000",
"db": "NVD",
"id": "CVE-2018-13816"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-646"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens TIM 1531 IRC Authentication vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d8198c0-463f-11e9-b4e9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25424"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-646"
}
],
"trust": 0.6
}
}
var-201904-0174
Vulnerability from variot
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0174",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinamics s210",
"scope": "eq",
"trust": 1.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s150",
"scope": "eq",
"trust": 1.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "simatic rf186c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.0"
},
{
"model": "sinamics sm120",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics s150",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "simatic hmi ktp mobile panels ktp400f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic s7-400 pn",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.6.1"
},
{
"model": "sinamics sl150",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "simatic wincc runtime advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic winac rtx",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2010"
},
{
"model": "simatic hmi ktp mobile panels ktp700f",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "sitop manager",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1"
},
{
"model": "simatic hmi comfort outdoor panels",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic ipc diagmonitor",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1.3"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "sinamics gm150",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics s120",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.2"
},
{
"model": "cp1616",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic hmi ktp mobile panels ktp900f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic s7-1500t",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.6.1"
},
{
"model": "sinamics sm150",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "simatic cp443-1 advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic hmi ktp mobile panels ktp900",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic s7-1500s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.6.1"
},
{
"model": "tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1"
},
{
"model": "sitop ups1600",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3"
},
{
"model": "simatic hmi ktp mobile panels ktp700f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic hmi ktp mobile panels ktp700",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simocode pro v pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1.3"
},
{
"model": "simatic s7-400 pn\\/dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp343-1 advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simocode pro v eip",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.3"
},
{
"model": "sinamics g150",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.2"
},
{
"model": "sinamics s210",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics sl150",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "simatic s7-1500f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.6.1"
},
{
"model": "simatic teleservice adapter ie basic",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "cp1604",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic wincc runtime advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic winac rtx",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2010"
},
{
"model": "sinamics g130",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.2"
},
{
"model": "sinamics gh150",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "simatic rf181-eip",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic hmi comfort panels",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic rf185c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.0"
},
{
"model": "simatic hmi comfort outdoor panels",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic hmi ktp mobile panels ktp400f",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic hmi ktp mobile panels ktp900",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic rf188c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.0"
},
{
"model": "simatic s7-1500 software controller",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.7"
},
{
"model": "simatic teleservice adapter ie advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinamics gl150",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics gm150",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "simatic cp443-1 opc ua",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic et 200 sp open controller cpu 1515sp pc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.7"
},
{
"model": "sinamics sm120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "simatic et 200 sp open controller cpu 1515sp pc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1.6"
},
{
"model": "simatic hmi comfort panels",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic cp443-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic hmi ktp mobile panels ktp700",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "simatic s7-300",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.17"
},
{
"model": "sitop psu8600",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "simatic hmi ktp mobile panels ktp900f",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "15.1"
},
{
"model": "sinamics gh150",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics sm150",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics gl150",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "simatic rf182c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic teleservice adapter ie standard",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic rf600r",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2.1"
},
{
"model": "simatic cp 1543sp-1",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1604",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1616",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 343-1 advanced",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 443-1 adv",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 443-1",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et 200 sp open controller cpu 1515sp pc",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et 200 sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic hmi comfort outdoor panels",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic hmi comfort panels",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic rf185c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "sinamics s150",
"version": "5.1"
},
{
"model": "simatic winac rtx sp2 all",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "2010"
},
{
"model": "simatic s7-300 cpu family all",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-400 pn/dp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v7"
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g130 and g150",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic rf182c",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc runtime advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp443-1 opc ua",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic ipc diagmonitor",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic rf188c",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic rf600r",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "cp1604",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "cp1616",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et sp open controller cpu 1515sp pc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "200\u003cv2.1.6"
},
{
"model": "simatic hmi comfort panels 4\" 22\"",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic hmi ktp mobile panels",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu family",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-400 pn",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v6"
},
{
"model": "sinamics s150",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s210",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v5.1"
},
{
"model": "sinamics s210 sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v5.1"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531"
},
{
"model": "simatic hmi comfort outdoor panels 7\" \u0026 15\"",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic rf181-eip",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic rf186c",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic teleservice adapter ie advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic teleservice adapter ie basic",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic teleservice adapter ie standard",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simocode pro eip",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v"
},
{
"model": "simocode pro pn",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v"
},
{
"model": "sitop manager",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sitop psu8600",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sitop ups1600",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siamtic rf185c",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp343-1 advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp443-1",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp443-1 advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et sp open controller cpu 1515sp pc2",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "200"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "sinamics s210",
"version": "5.1"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "15310"
},
{
"model": "sitop ups1600",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "sitop psu8600",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "sitop manager",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "sinamics s210 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s150 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s150",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics s150 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics s150",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics s150",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.6"
},
{
"model": "sinamics s120 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics s120 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.6"
},
{
"model": "sinamics g150 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics g150",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics g150",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics g150 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics g150",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics g150",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.6"
},
{
"model": "sinamics g130 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics g130",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics g130",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics g130 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics g130",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics g130",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.6"
},
{
"model": "simocode pro pn",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v0"
},
{
"model": "simocode pro eip",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v0"
},
{
"model": "simatic wincc runtime advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic winac rtx",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20100"
},
{
"model": "simatic teleservice adapter ie standard",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic teleservice adapter ie basic",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic teleservice adapter ie advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic s7-400 pn/dp",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "7"
},
{
"model": "simatic s7-400 pn",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v60"
},
{
"model": "simatic s7-300 cpu",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic s7-1500 software controller",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic s7-1500 cpu",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic rf600r",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic rf188c",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic rf186c",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic rf185c",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic rf182c",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic ipc diagmonitor",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi ktp900f mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi ktp900 mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi ktp700f mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi ktp700 mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi ktp400f mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi ktp mobile panels",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi comfort panels",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic hmi comfort outdoor panels",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic et200 open controller cpu 1515sp pc2",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic et200 open controller cpu 1515sp pc",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic cp opc ua",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "443-10"
},
{
"model": "simatic cp advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "443-10"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "443-10"
},
{
"model": "simatic cp advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "343-10"
},
{
"model": "rfid 181-eip",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cp",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "16160"
},
{
"model": "cp",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "16040"
},
{
"model": "sinamics s150 sp1 hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s150 hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics s120 sp1 hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics s120 hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics g150 sp1 hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics g150 hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinamics g130 sp1 hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "sinamics g130 hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "simatic s7-300 cpu",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "v3.x.16"
},
{
"model": "simatic et200 open controller cpu 1515sp pc",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "2.1.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "cp1604",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic hmi comfort panels",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic hmi ktp mobile panels ktp400f",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic hmi ktp mobile panels ktp700",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic hmi ktp mobile panels ktp700f",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic hmi ktp mobile panels ktp900",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic hmi ktp mobile panels ktp900f",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic cp443 1 opc ua",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic ipc diagmonitor",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 1500 controller",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 plcsim advanced",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc runtime advanced",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sitop manager",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic rf600r",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic rf188c",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic rf186c",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "cp1616",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic rf182c",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic rf181 eip",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 1500",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 300",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 400 pn",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 400 pn dp",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic teleservice adapter ie advanced",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic teleservice adapter ie basic",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic teleservice adapter ie standard",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic winac rtx 2010",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic rf185c",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simocode pro v eip",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simocode pro v pn",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g130",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g150",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics s120",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics s150",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics s210",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sitop psu8600",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sitop ups1600",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tim 1531 irc",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic cp343 1 advanced",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 1500f",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 1500s",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic s7 1500t",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic cp443 1",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic cp443 1 advanced",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic et 200 sp open controller cpu 1515sp pc",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic et 200 sp open controller cpu 1515sp pc2",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic hmi comfort outdoor panels",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
},
{
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"db": "BID",
"id": "107842"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"db": "NVD",
"id": "CVE-2019-6568"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_cp343-1_advanced_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_rf185c_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported this vulnerability to NCCIC.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-458"
}
],
"trust": 0.6
},
"cve": "CVE-2019-6568",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-6568",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-12904",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-158003",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-6568",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-6568",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6568",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2019-6568",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-6568",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-12904",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-458",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-158003",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
},
{
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"db": "VULHUB",
"id": "VHN-158003"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-458"
},
{
"db": "NVD",
"id": "CVE-2019-6568"
},
{
"db": "NVD",
"id": "CVE-2019-6568"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device. \r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. \nAttackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6568"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"db": "BID",
"id": "107842"
},
{
"db": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
},
{
"db": "VULHUB",
"id": "VHN-158003"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6568",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-099-06",
"trust": 2.3
},
{
"db": "SIEMENS",
"id": "SSA-480230",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-530931",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-19-227-04",
"trust": 1.4
},
{
"db": "BID",
"id": "107842",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201904-458",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-12904",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.3150",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1204.2",
"trust": 0.6
},
{
"db": "IVD",
"id": "A397CC8B-EE17-4FAF-8447-E9EE5F57DD12",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-158003",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
},
{
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"db": "VULHUB",
"id": "VHN-158003"
},
{
"db": "BID",
"id": "107842"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-458"
},
{
"db": "NVD",
"id": "CVE-2019-6568"
}
]
},
"id": "VAR-201904-0174",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
},
{
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"db": "VULHUB",
"id": "VHN-158003"
}
],
"trust": 1.594357721153846
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
},
{
"db": "CNVD",
"id": "CNVD-2019-12904"
}
]
},
"last_update_date": "2024-08-14T15:43:49.516000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-480230",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"title": "SSA-530931",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
},
{
"title": "Patches for multiple Siemens product denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/160237"
},
{
"title": "Multiple Siemens Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=91286"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-458"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158003"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"db": "NVD",
"id": "CVE-2019-6568"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-06"
},
{
"trust": 2.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-227-04"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6568"
},
{
"trust": 0.9,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6568"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3150/"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-06"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-099-06"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/107842"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-webserver-28976"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78710"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"db": "VULHUB",
"id": "VHN-158003"
},
{
"db": "BID",
"id": "107842"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-458"
},
{
"db": "NVD",
"id": "CVE-2019-6568"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
},
{
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"db": "VULHUB",
"id": "VHN-158003"
},
{
"db": "BID",
"id": "107842"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-458"
},
{
"db": "NVD",
"id": "CVE-2019-6568"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-05T00:00:00",
"db": "IVD",
"id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
},
{
"date": "2019-05-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"date": "2019-04-17T00:00:00",
"db": "VULHUB",
"id": "VHN-158003"
},
{
"date": "2019-04-09T00:00:00",
"db": "BID",
"id": "107842"
},
{
"date": "2019-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"date": "2019-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-458"
},
{
"date": "2019-04-17T14:29:03.683000",
"db": "NVD",
"id": "CVE-2019-6568"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-12904"
},
{
"date": "2023-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-158003"
},
{
"date": "2019-04-09T00:00:00",
"db": "BID",
"id": "107842"
},
{
"date": "2019-08-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003541"
},
{
"date": "2023-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-458"
},
{
"date": "2023-04-11T10:15:09.153000",
"db": "NVD",
"id": "CVE-2019-6568"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-458"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability related to input validation in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003541"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-458"
}
],
"trust": 0.6
}
}
var-202202-0372
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module.
Several Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202202-0372",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic drive controller cpu 1504d tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 software controller",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic drive controller cpu 1507d tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "tim 1531 irc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "s7 1200 cpu 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic drive controller cpu 1504d tf",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "s7 1200 cpu 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic drive controller cpu 1507d tf",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "tim 1531 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu family",
"scope": "gt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2.5,\u003cv2.9.2"
},
{
"model": "simatic drive controller family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2.9.4"
},
{
"model": "simatic s7-1200 cpu family",
"scope": "gte",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.5.0\u003cv4.5.2"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003e=v2.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10003"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"db": "NVD",
"id": "CVE-2021-37204"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gao Jian assisted the coordinated disclosure of these vulnerabilities with Siemens.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-568"
}
],
"trust": 0.6
},
"cve": "CVE-2021-37204",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2021-37204",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-10003",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-37204",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-005068",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-37204",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2021-37204",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-37204",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2022-10003",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202202-568",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10003"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-568"
},
{
"db": "NVD",
"id": "CVE-2021-37204"
},
{
"db": "NVD",
"id": "CVE-2021-37204"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module. \n\r\n\r\nSeveral Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37204"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"db": "CNVD",
"id": "CNVD-2022-10003"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-37204",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-838121",
"trust": 2.2
},
{
"db": "ICS CERT",
"id": "ICSA-22-041-01",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU98748974",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005068",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-10003",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021105",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0605",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202202-568",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10003"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-568"
},
{
"db": "NVD",
"id": "CVE-2021-37204"
}
]
},
"id": "VAR-202202-0372",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10003"
}
],
"trust": 1.346276972
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10003"
}
]
},
"last_update_date": "2024-08-14T12:47:36.679000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-838121",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
},
{
"title": "Patch for Multiple Siemens Industrial Products Denial of Service Vulnerabilities (CNVD-2022-10003)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/318446"
},
{
"title": "SIMATIC S7-1500 CPU Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=185271"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10003"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-568"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-672",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"db": "NVD",
"id": "CVE-2021-37204"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37204"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98748974/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-prepared-packets-37484"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0605"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021105"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10003"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-568"
},
{
"db": "NVD",
"id": "CVE-2021-37204"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-10003"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-568"
},
{
"db": "NVD",
"id": "CVE-2021-37204"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-10003"
},
{
"date": "2023-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"date": "2022-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-568"
},
{
"date": "2022-02-09T16:15:13.333000",
"db": "NVD",
"id": "CVE-2021-37204"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-10003"
},
{
"date": "2023-05-16T08:41:00",
"db": "JVNDB",
"id": "JVNDB-2022-005068"
},
{
"date": "2023-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-568"
},
{
"date": "2023-04-11T10:15:09.827000",
"db": "NVD",
"id": "CVE-2021-37204"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-568"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerabilities in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005068"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-568"
}
],
"trust": 0.6
}
}
var-202103-0218
Vulnerability from variot
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. Open vSwitch Is vulnerable to a resource exhaustion.Denial of service (DoS) It may be put into a state. Canonical Ubuntu is a set of desktop application-based GNU/Linux operating system developed by British company Canonical. A security vulnerability exists in the Ubuntu lldp software that could be exploited by an attacker to trigger a denial of service attack. The following products and models are affected: Ubuntu 20.10 openvswitch-common, Ubuntu 20.04 LTS openvswitch-common Ubuntu 18.04 LTS openvswitch-common, Ubuntu 16.04 LTS: openvswitch-common. Two vulnerabilities were discovered in the LLPD implementation of Open vSwitch, a software-based Ethernet virtual switch, which could result in denial of service. For the stable distribution (buster), these problems have been fixed in version 2.10.6+ds1-0+deb10u1. For the detailed security status of openvswitch please refer to its security tracker page at: security-tracker.debian.org/tracker/openvswitch. Description:
Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.
Bug Fix(es):
-
[RFE] Add auto load balance params (BZ#1920121)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: RHV-H enhancement and security update (redhat-virtualization-host) 4.3.14 Advisory ID: RHSA-2021:1051-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2021:1051 Issue date: 2021-03-31 CVE Names: CVE-2020-27827 ==================================================================== 1. Summary:
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
RHEL 7-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64 Red Hat Virtualization 4 Hypervisor for RHEL 7 - noarch
- Description:
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
- lldp/openvswitch: denial of service via externally triggered memory leak (CVE-2020-27827)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2974891
- Bugs fixed (https://bugzilla.redhat.com/):
1921438 - CVE-2020-27827 lldp/openvswitch: denial of service via externally triggered memory leak 1924062 - Rebase RHV-H 4.3 EUS on RHEL 7.9.z #4 1932859 - Rebase RHV-H 4.3.14 on FDP 2.11 (21B) 1940841 - Include updated gluster-ansible-features in RHV-H 4.3
- Package List:
Red Hat Virtualization 4 Hypervisor for RHEL 7:
Source: redhat-virtualization-host-4.3.14-20210322.0.el7_9.src.rpm
noarch: redhat-virtualization-host-image-update-4.3.14-20210322.0.el7_9.noarch.rpm
RHEL 7-based RHEV-H for RHEV 4 (build requirements):
Source: redhat-release-virtualization-host-4.3.14-2.el7ev.src.rpm redhat-virtualization-host-4.3.14-20210322.0.el7_9.src.rpm
noarch: redhat-virtualization-host-image-update-4.3.14-20210322.0.el7_9.noarch.rpm redhat-virtualization-host-image-update-placeholder-4.3.14-2.el7ev.noarch.rpm
x86_64: redhat-release-virtualization-host-4.3.14-2.el7ev.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-27827 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYGRyJtzjgjWX9erEAQg/oA/+JnqagPDFgIbL7eSCpxsXkqodtCyXjbEp CMxp54Mwa8GdyaSpNvqnRUz4k1f/BVZPKqHv+wHRHy0xhFeUITHmwM9RhK/b+t4G zrnDYrNpeierd4IWeZNrR2XOYBMq1PLpEtDwxM9NlGD9FZuDPAWKghD8tvxV8FMY TC7PaGdi54cUHgbcHHxsJconfAsbQrE3mphksxXf7m8ZS4ffiGsXdQCnNB3TgsGn oDw6fv/wSh2SKN5Us6c3bJ3/yWwGP7B02TQtAB4+bTfb55u9N4oDIeaUYKkmnh91 pxUZJlrtqGBdfvnKg8isEn1f57fLAME6J7m80w6CoCXaK2LoSauyXTzlTpM4W6V+ Qr05ALxILsTTn3vpuLUqEmUAQYghqYeAkhioZx7vQ+5xTXJMLZCSDF+xFuOHSpGc J2vCym9kcRxSQY4QR9ae+EN/K2IdHYHNFocQTIpY/CrK2b9dNy8VlzPQrhiA6R4W eLmD7ZpYJiuHEIplRd/elzze0RdXsVujs3eyWOhLP8uynz0AykGmhIn2a/YX6P3b T8ZHfTig37BfvwZeezj/EgyHjftUBf43NNTqjdxYflI/tlw2Qw1JSUsHct+22GsG f5gA7dFoWmkmMoPRjjvcbFhHr50vwwUaRNdOJBo0rUEJT6ol+bZcJdxTS2vkmOC8 OSRA+4x+lwY=Z/AD -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202311-16
https://security.gentoo.org/
Severity: Low Title: Open vSwitch: Multiple Vulnerabilities Date: November 26, 2023 Bugs: #765346, #769995, #803107, #887561 ID: 202311-16
Synopsis
Multiple denial of service vulnerabilites have been found in Open vSwitch.
Background
Open vSwitch is a production quality multilayer virtual switch.
Affected packages
Package Vulnerable Unaffected
net-misc/openvswitch < 2.17.6 >= 2.17.6
Description
Multiple vulnerabilities have been discovered in Open vSwitch. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Open vSwitch users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/openvswitch-2.17.6"
References
[ 1 ] CVE-2020-27827 https://nvd.nist.gov/vuln/detail/CVE-2020-27827 [ 2 ] CVE-2020-35498 https://nvd.nist.gov/vuln/detail/CVE-2020-35498 [ 3 ] CVE-2021-3905 https://nvd.nist.gov/vuln/detail/CVE-2021-3905 [ 4 ] CVE-2021-36980 https://nvd.nist.gov/vuln/detail/CVE-2021-36980 [ 5 ] CVE-2022-4337 https://nvd.nist.gov/vuln/detail/CVE-2022-4337 [ 6 ] CVE-2022-4338 https://nvd.nist.gov/vuln/detail/CVE-2022-4338 [ 7 ] CVE-2023-1668 https://nvd.nist.gov/vuln/detail/CVE-2023-1668
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202311-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-0218",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.12.0"
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.11.0"
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.6.9"
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.8.0"
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.6.0"
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.9.0"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "10"
},
{
"model": "simatic net cp 1545-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.11.5"
},
{
"model": "simatic net cp 1543-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.10.0"
},
{
"model": "simatic net cp 1543sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic hmi unified comfort panels",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "17"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "13"
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.14.0"
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.14.1"
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.10.6"
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.12.2"
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.13.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2"
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.8.10"
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.7.12"
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.7.0"
},
{
"model": "openvswitch",
"scope": "gte",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.13.0"
},
{
"model": "simatic net cp 1542sp-1 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "lldpd",
"scope": "lt",
"trust": 1.0,
"vendor": "lldpd",
"version": "1.0.8"
},
{
"model": "sinumerik one",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.1"
},
{
"model": "openvswitch",
"scope": "lt",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.9.8"
},
{
"model": "simatic net cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic net cp 1243-8 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic net cp 1542sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "lldpd",
"scope": null,
"trust": 0.8,
"vendor": "lldpd",
"version": null
},
{
"model": "red hat openstack",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "red hat enterprise linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "red hat openshift container platform",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "open vswitch",
"scope": null,
"trust": 0.8,
"vendor": "open vswitch",
"version": null
},
{
"model": "red hat virtualization",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"db": "NVD",
"id": "CVE-2020-27827"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "162733"
},
{
"db": "PACKETSTORM",
"id": "161391"
},
{
"db": "PACKETSTORM",
"id": "161789"
},
{
"db": "PACKETSTORM",
"id": "162043"
},
{
"db": "PACKETSTORM",
"id": "161785"
},
{
"db": "PACKETSTORM",
"id": "161781"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1127"
}
],
"trust": 1.2
},
"cve": "CVE-2020-27827",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2020-27827",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-371938",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-27827",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-27827",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-27827",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-27827",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202101-1127",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-371938",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-371938"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1127"
},
{
"db": "NVD",
"id": "CVE-2020-27827"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. Open vSwitch Is vulnerable to a resource exhaustion.Denial of service (DoS) It may be put into a state. Canonical Ubuntu is a set of desktop application-based GNU/Linux operating system developed by British company Canonical. A security vulnerability exists in the Ubuntu lldp software that could be exploited by an attacker to trigger a denial of service attack. The following products and models are affected: Ubuntu 20.10 openvswitch-common, Ubuntu 20.04 LTS openvswitch-common Ubuntu 18.04 LTS openvswitch-common, Ubuntu 16.04 LTS: openvswitch-common. Two vulnerabilities were discovered in the LLPD implementation of Open\nvSwitch, a software-based Ethernet virtual switch, which could result in\ndenial of service. \nFor the stable distribution (buster), these problems have been fixed in\nversion 2.10.6+ds1-0+deb10u1. \nFor the detailed security status of openvswitch please refer to\nits security tracker page at:\nsecurity-tracker.debian.org/tracker/openvswitch. Description:\n\nOpen vSwitch provides standard network bridging functions and support for\nthe OpenFlow protocol for remote per-flow control of traffic. \n\nBug Fix(es):\n\n* [RFE] Add auto load balance params (BZ#1920121)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: RHV-H enhancement and security update (redhat-virtualization-host) 4.3.14\nAdvisory ID: RHSA-2021:1051-01\nProduct: Red Hat Virtualization\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:1051\nIssue date: 2021-03-31\nCVE Names: CVE-2020-27827\n====================================================================\n1. Summary:\n\nAn update for redhat-virtualization-host is now available for Red Hat\nVirtualization 4 for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL 7-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64\nRed Hat Virtualization 4 Hypervisor for RHEL 7 - noarch\n\n3. Description:\n\nThe redhat-virtualization-host packages provide the Red Hat Virtualization\nHost. \nThese packages include redhat-release-virtualization-host. Red Hat\nVirtualization Hosts (RHVH) are installed using a special build of Red Hat\nEnterprise Linux with only the packages required to host virtual machines. \nRHVH\nfeatures a Cockpit user interface for monitoring the host\u0027s resources and\nperforming administrative tasks. \n\nSecurity Fix(es):\n\n* lldp/openvswitch: denial of service via externally triggered memory leak\n(CVE-2020-27827)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1921438 - CVE-2020-27827 lldp/openvswitch: denial of service via externally triggered memory leak\n1924062 - Rebase RHV-H 4.3 EUS on RHEL 7.9.z #4\n1932859 - Rebase RHV-H 4.3.14 on FDP 2.11 (21B)\n1940841 - Include updated gluster-ansible-features in RHV-H 4.3\n\n6. Package List:\n\nRed Hat Virtualization 4 Hypervisor for RHEL 7:\n\nSource:\nredhat-virtualization-host-4.3.14-20210322.0.el7_9.src.rpm\n\nnoarch:\nredhat-virtualization-host-image-update-4.3.14-20210322.0.el7_9.noarch.rpm\n\nRHEL 7-based RHEV-H for RHEV 4 (build requirements):\n\nSource:\nredhat-release-virtualization-host-4.3.14-2.el7ev.src.rpm\nredhat-virtualization-host-4.3.14-20210322.0.el7_9.src.rpm\n\nnoarch:\nredhat-virtualization-host-image-update-4.3.14-20210322.0.el7_9.noarch.rpm\nredhat-virtualization-host-image-update-placeholder-4.3.14-2.el7ev.noarch.rpm\n\nx86_64:\nredhat-release-virtualization-host-4.3.14-2.el7ev.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-27827\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYGRyJtzjgjWX9erEAQg/oA/+JnqagPDFgIbL7eSCpxsXkqodtCyXjbEp\nCMxp54Mwa8GdyaSpNvqnRUz4k1f/BVZPKqHv+wHRHy0xhFeUITHmwM9RhK/b+t4G\nzrnDYrNpeierd4IWeZNrR2XOYBMq1PLpEtDwxM9NlGD9FZuDPAWKghD8tvxV8FMY\nTC7PaGdi54cUHgbcHHxsJconfAsbQrE3mphksxXf7m8ZS4ffiGsXdQCnNB3TgsGn\noDw6fv/wSh2SKN5Us6c3bJ3/yWwGP7B02TQtAB4+bTfb55u9N4oDIeaUYKkmnh91\npxUZJlrtqGBdfvnKg8isEn1f57fLAME6J7m80w6CoCXaK2LoSauyXTzlTpM4W6V+\nQr05ALxILsTTn3vpuLUqEmUAQYghqYeAkhioZx7vQ+5xTXJMLZCSDF+xFuOHSpGc\nJ2vCym9kcRxSQY4QR9ae+EN/K2IdHYHNFocQTIpY/CrK2b9dNy8VlzPQrhiA6R4W\neLmD7ZpYJiuHEIplRd/elzze0RdXsVujs3eyWOhLP8uynz0AykGmhIn2a/YX6P3b\nT8ZHfTig37BfvwZeezj/EgyHjftUBf43NNTqjdxYflI/tlw2Qw1JSUsHct+22GsG\nf5gA7dFoWmkmMoPRjjvcbFhHr50vwwUaRNdOJBo0rUEJT6ol+bZcJdxTS2vkmOC8\nOSRA+4x+lwY=Z/AD\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202311-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: Open vSwitch: Multiple Vulnerabilities\n Date: November 26, 2023\n Bugs: #765346, #769995, #803107, #887561\n ID: 202311-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple denial of service vulnerabilites have been found in Open\nvSwitch. \n\nBackground\n=========\nOpen vSwitch is a production quality multilayer virtual switch. \n\nAffected packages\n================\nPackage Vulnerable Unaffected\n-------------------- ------------ ------------\nnet-misc/openvswitch \u003c 2.17.6 \u003e= 2.17.6\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in Open vSwitch. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll Open vSwitch users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/openvswitch-2.17.6\"\n\nReferences\n=========\n[ 1 ] CVE-2020-27827\n https://nvd.nist.gov/vuln/detail/CVE-2020-27827\n[ 2 ] CVE-2020-35498\n https://nvd.nist.gov/vuln/detail/CVE-2020-35498\n[ 3 ] CVE-2021-3905\n https://nvd.nist.gov/vuln/detail/CVE-2021-3905\n[ 4 ] CVE-2021-36980\n https://nvd.nist.gov/vuln/detail/CVE-2021-36980\n[ 5 ] CVE-2022-4337\n https://nvd.nist.gov/vuln/detail/CVE-2022-4337\n[ 6 ] CVE-2022-4338\n https://nvd.nist.gov/vuln/detail/CVE-2022-4338\n[ 7 ] CVE-2023-1668\n https://nvd.nist.gov/vuln/detail/CVE-2023-1668\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202311-16\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-27827"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"db": "VULHUB",
"id": "VHN-371938"
},
{
"db": "VULMON",
"id": "CVE-2020-27827"
},
{
"db": "PACKETSTORM",
"id": "162733"
},
{
"db": "PACKETSTORM",
"id": "161391"
},
{
"db": "PACKETSTORM",
"id": "161789"
},
{
"db": "PACKETSTORM",
"id": "162043"
},
{
"db": "PACKETSTORM",
"id": "161785"
},
{
"db": "PACKETSTORM",
"id": "161781"
},
{
"db": "PACKETSTORM",
"id": "175917"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-27827",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-21-194-07",
"trust": 2.5
},
{
"db": "SIEMENS",
"id": "SSA-941426",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "162733",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "161781",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "161391",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "162043",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016396",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "163180",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "161951",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "162017",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1127",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.0274",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0907",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2134",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0999",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0520",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2155",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0169",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1109",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0639",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1086",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2402",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0358",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1780",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021052513",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021062138",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161789",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161785",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162044",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-371938",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-27827",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175917",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-371938"
},
{
"db": "VULMON",
"id": "CVE-2020-27827"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"db": "PACKETSTORM",
"id": "162733"
},
{
"db": "PACKETSTORM",
"id": "161391"
},
{
"db": "PACKETSTORM",
"id": "161789"
},
{
"db": "PACKETSTORM",
"id": "162043"
},
{
"db": "PACKETSTORM",
"id": "161785"
},
{
"db": "PACKETSTORM",
"id": "161781"
},
{
"db": "PACKETSTORM",
"id": "175917"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1127"
},
{
"db": "NVD",
"id": "CVE-2020-27827"
}
]
},
"id": "VAR-202103-0218",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-371938"
}
],
"trust": 0.7875
},
"last_update_date": "2024-09-19T21:53:25.693000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Externally\u00a0triggered\u00a0memory\u00a0leak. Red hat Red\u00a0Hat\u00a0Bugzilla",
"trust": 0.8,
"url": "https://getfedora.org/ja/"
},
{
"title": "Canonical Ubuntu lldp Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=139475"
},
{
"title": "Debian CVElist Bug Report Logs: openvswitch: CVE-2020-27827",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=6e19c1cee1c2d0d3976ce8d1d62fbe23"
},
{
"title": "Debian Security Advisories: DSA-4836-1 openvswitch -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=4eb3ba5e3f5ae90d7aae6bc224bc63b7"
},
{
"title": "Arch Linux Advisories: [ASA-202101-29] lldpd: information disclosure",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202101-29"
},
{
"title": "Arch Linux Advisories: [ASA-202101-28] openvswitch: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202101-28"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2020-27827 log"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-27827"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1127"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.1
},
{
"problemtype": "Resource exhaustion (CWE-400) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-371938"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"db": "NVD",
"id": "CVE-2020-27827"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07"
},
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27827"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921438"
},
{
"trust": 1.7,
"url": "https://mail.openvswitch.org/pipermail/ovs-dev/2021-january/379471.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202311-16"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3t5xhpogipwcrrpjue6p3hvc5ptsd5js/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jya4amjxcnf6upfg36l2tppt32c242sp/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/skqwhg2szjzsgc7pxvdaejybn7esdr7d/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2020-27827"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35498"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3t5xhpogipwcrrpjue6p3hvc5ptsd5js/"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/skqwhg2szjzsgc7pxvdaejybn7esdr7d/"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jya4amjxcnf6upfg36l2tppt32c242sp/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162733/red-hat-security-advisory-2021-2077-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0639"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161391/red-hat-security-advisory-2021-0497-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0907"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021052513"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0169/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0358/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2402"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162017/red-hat-security-advisory-2021-0957-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161781/red-hat-security-advisory-2021-0834-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0999"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1109"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2134"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2155"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1780"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0274/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161951/red-hat-security-advisory-2021-0976-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1086"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/lldp-memory-leak-34341"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0520"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021062138"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162043/red-hat-security-advisory-2021-1051-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163180/red-hat-security-advisory-2021-2456-01.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-35498"
},
{
"trust": 0.5,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980132"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/2021/dsa-4836"
},
{
"trust": 0.1,
"url": "https://security.archlinux.org/cve-2020-27827"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8011"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-8011"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2077"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification#important"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0497"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1051"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0837"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3905"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-4337"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-4338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1668"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-36980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-371938"
},
{
"db": "VULMON",
"id": "CVE-2020-27827"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"db": "PACKETSTORM",
"id": "162733"
},
{
"db": "PACKETSTORM",
"id": "161391"
},
{
"db": "PACKETSTORM",
"id": "161789"
},
{
"db": "PACKETSTORM",
"id": "162043"
},
{
"db": "PACKETSTORM",
"id": "161785"
},
{
"db": "PACKETSTORM",
"id": "161781"
},
{
"db": "PACKETSTORM",
"id": "175917"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1127"
},
{
"db": "NVD",
"id": "CVE-2020-27827"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-371938"
},
{
"db": "VULMON",
"id": "CVE-2020-27827"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"db": "PACKETSTORM",
"id": "162733"
},
{
"db": "PACKETSTORM",
"id": "161391"
},
{
"db": "PACKETSTORM",
"id": "161789"
},
{
"db": "PACKETSTORM",
"id": "162043"
},
{
"db": "PACKETSTORM",
"id": "161785"
},
{
"db": "PACKETSTORM",
"id": "161781"
},
{
"db": "PACKETSTORM",
"id": "175917"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1127"
},
{
"db": "NVD",
"id": "CVE-2020-27827"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-18T00:00:00",
"db": "VULHUB",
"id": "VHN-371938"
},
{
"date": "2021-03-18T00:00:00",
"db": "VULMON",
"id": "CVE-2020-27827"
},
{
"date": "2021-11-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"date": "2021-05-20T22:17:24",
"db": "PACKETSTORM",
"id": "162733"
},
{
"date": "2021-02-11T15:26:10",
"db": "PACKETSTORM",
"id": "161391"
},
{
"date": "2021-03-15T20:30:52",
"db": "PACKETSTORM",
"id": "161789"
},
{
"date": "2021-03-31T14:36:16",
"db": "PACKETSTORM",
"id": "162043"
},
{
"date": "2021-03-15T19:01:34",
"db": "PACKETSTORM",
"id": "161785"
},
{
"date": "2021-03-15T17:26:06",
"db": "PACKETSTORM",
"id": "161781"
},
{
"date": "2023-11-27T15:42:18",
"db": "PACKETSTORM",
"id": "175917"
},
{
"date": "2021-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-1127"
},
{
"date": "2021-03-18T17:15:13.510000",
"db": "NVD",
"id": "CVE-2020-27827"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T00:00:00",
"db": "VULHUB",
"id": "VHN-371938"
},
{
"date": "2021-03-29T00:00:00",
"db": "VULMON",
"id": "CVE-2020-27827"
},
{
"date": "2021-11-30T06:47:00",
"db": "JVNDB",
"id": "JVNDB-2020-016396"
},
{
"date": "2023-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-1127"
},
{
"date": "2023-11-26T11:15:07.307000",
"db": "NVD",
"id": "CVE-2020-27827"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "162733"
},
{
"db": "PACKETSTORM",
"id": "161391"
},
{
"db": "PACKETSTORM",
"id": "161789"
},
{
"db": "PACKETSTORM",
"id": "161785"
},
{
"db": "PACKETSTORM",
"id": "161781"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1127"
}
],
"trust": 1.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Open\u00a0vSwitch\u00a0 Resource Depletion Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016396"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-1127"
}
],
"trust": 0.6
}
}
var-202212-1313
Vulnerability from variot
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to input validation.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network.
A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-1313",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 15prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic et 200 sp open controller cpu 1515sp pc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 317-2 pn\\/dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1508s f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515f-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1508s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 151511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 151511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic s7-1500 cpu 15pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 314",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus s7-300 cpu 315-2 pn\\/dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1507s f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 software controller",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1511-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518f-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1507s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 315-2 dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1215fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1214c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1215c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1217c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic drive controller family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.0.1"
},
{
"model": "simatic s7-1200 cpu family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.6.0"
},
{
"model": "simatic s7-1500 cpu family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.0.1"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v5.0"
},
{
"model": "siplus tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87985"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"db": "NVD",
"id": "CVE-2021-40365"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gao Jian reported these vulnerabilities to Siemens.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2986"
}
],
"trust": 0.6
},
"cve": "CVE-2021-40365",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-87985",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-40365",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-020594",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2021-40365",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2021-40365",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-020594",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2022-87985",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-2986",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87985"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2986"
},
{
"db": "NVD",
"id": "CVE-2021-40365"
},
{
"db": "NVD",
"id": "CVE-2021-40365"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to input validation.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. \n\r\n\r\nA denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-40365"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"db": "CNVD",
"id": "CNVD-2022-87985"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-40365",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-382653",
"trust": 3.0
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-03",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU91561630",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020594",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-87985",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2986",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87985"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2986"
},
{
"db": "NVD",
"id": "CVE-2021-40365"
}
]
},
"id": "VAR-202212-1313",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87985"
}
],
"trust": 1.306162763125
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87985"
}
]
},
"last_update_date": "2024-08-14T12:16:09.047000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens Industrial Product Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/372391"
},
{
"title": "Siemens SIMATIC Drive Controller Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=232929"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87985"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2986"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Inappropriate input confirmation (CWE-20) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"db": "NVD",
"id": "CVE-2021-40365"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91561630/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-40365"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-382653.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-40365/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87985"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2986"
},
{
"db": "NVD",
"id": "CVE-2021-40365"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-87985"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2986"
},
{
"db": "NVD",
"id": "CVE-2021-40365"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87985"
},
{
"date": "2023-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"date": "2022-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2986"
},
{
"date": "2022-12-13T16:15:14.650000",
"db": "NVD",
"id": "CVE-2021-40365"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87985"
},
{
"date": "2023-11-29T01:35:00",
"db": "JVNDB",
"id": "JVNDB-2021-020594"
},
{
"date": "2023-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2986"
},
{
"date": "2023-09-12T10:15:08.130000",
"db": "NVD",
"id": "CVE-2021-40365"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2986"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation vulnerability in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020594"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2986"
}
],
"trust": 0.6
}
}
var-202304-0702
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to the use of freed memory.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software of Siemens (Siemens) in Germany. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202304-0702",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic cp",
"scope": "eq",
"trust": 1.2,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1542sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "siplus net cp 443-1 advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic ipc diagbase",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.6"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic ipc diagmonitor",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.6"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1 iec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-7 lte us",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 443-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "simatic cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-8 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1 dnp3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1543sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1 advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "simatic cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1 advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagmonitor",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1 dnp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 1242-7 v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1542sp-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-8 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-7 lte us",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 443-1 advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1543sp-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 443-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1242-7 v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1 iec",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 443-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagbase",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagmonitor",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp lte eu",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp lte us",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-8"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "siplus s7-1200 cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "siplus s7-1200 cp rail",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp advanced",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "simatic cp dnp3",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp iec",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp 1542sp-1",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1543sp-1",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic ipc diagbase",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "siplus net cp advanced \u003cv3.3l",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1"
},
{
"model": "siplus tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003cv2.3.6"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003cv2.3.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35756"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"db": "NVD",
"id": "CVE-2022-43716"
}
]
},
"cve": "CVE-2022-43716",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-35756",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-43716",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-022093",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2022-43716",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-43716",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-022093",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2023-35756",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202304-727",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35756"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-727"
},
{
"db": "NVD",
"id": "CVE-2022-43716"
},
{
"db": "NVD",
"id": "CVE-2022-43716"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to the use of freed memory.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software of Siemens (Siemens) in Germany. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-43716"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"db": "CNVD",
"id": "CNVD-2023-35756"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-43716",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-566905",
"trust": 3.0
},
{
"db": "SIEMENS",
"id": "SSA-139628",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-23-103-10",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94715153",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022093",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-35756",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2159",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202304-727",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35756"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-727"
},
{
"db": "NVD",
"id": "CVE-2022-43716"
}
]
},
"id": "VAR-202304-0702",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35756"
}
],
"trust": 1.3845387558333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35756"
}
]
},
"last_update_date": "2024-09-10T21:39:02.572000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Denial of Service Vulnerability in Several Siemens Products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/424641"
},
{
"title": "Siemens SIMATIC CP443-1 OPC UA9 Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=233080"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35756"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-727"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.0
},
{
"problemtype": "Use of freed memory (CWE-416) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"db": "NVD",
"id": "CVE-2022-43716"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94715153/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-43716"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-10"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2159"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-43716/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35756"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-727"
},
{
"db": "NVD",
"id": "CVE-2022-43716"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-35756"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-727"
},
{
"db": "NVD",
"id": "CVE-2022-43716"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-35756"
},
{
"date": "2023-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"date": "2023-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-727"
},
{
"date": "2023-04-11T10:15:17.467000",
"db": "NVD",
"id": "CVE-2022-43716"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-35756"
},
{
"date": "2023-11-15T06:20:00",
"db": "JVNDB",
"id": "JVNDB-2022-022093"
},
{
"date": "2023-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-727"
},
{
"date": "2024-09-10T10:15:04.627000",
"db": "NVD",
"id": "CVE-2022-43716"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-727"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use of Freed Memory Vulnerability in Multiple Siemens Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022093"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-727"
}
],
"trust": 0.6
}
}
var-202304-0701
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202304-0701",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic cp",
"scope": "eq",
"trust": 1.2,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1542sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "siplus net cp 443-1 advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic ipc diagbase",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.6"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic ipc diagmonitor",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.6"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1 iec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-7 lte us",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 443-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "simatic cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-8 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1 dnp3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1543sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1 advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "simatic cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1 advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagmonitor",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1 dnp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 1242-7 v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1542sp-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-8 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-7 lte us",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 443-1 advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1543sp-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 443-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1242-7 v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1 iec",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 443-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagbase",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagmonitor",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp lte eu",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp lte us",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-8"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "siplus s7-1200 cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "siplus s7-1200 cp rail",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp advanced",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "simatic cp dnp3",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp iec",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp 1542sp-1",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1543sp-1",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic ipc diagbase",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "siplus net cp advanced \u003cv3.3l",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1"
},
{
"model": "siplus tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003cv2.3.6"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003cv2.3.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35759"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"db": "NVD",
"id": "CVE-2022-43768"
}
]
},
"cve": "CVE-2022-43768",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-35759",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-43768",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-022095",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2022-43768",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-022095",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2023-35759",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202304-726",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35759"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-726"
},
{
"db": "NVD",
"id": "CVE-2022-43768"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-43768"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"db": "CNVD",
"id": "CNVD-2023-35759"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-43768",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-566905",
"trust": 3.0
},
{
"db": "SIEMENS",
"id": "SSA-139628",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-23-103-10",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94715153",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022095",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-35759",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2159",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202304-726",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35759"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-726"
},
{
"db": "NVD",
"id": "CVE-2022-43768"
}
]
},
"id": "VAR-202304-0701",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35759"
}
],
"trust": 1.3845387558333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35759"
}
]
},
"last_update_date": "2024-09-10T22:39:35.933000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Denial of Service Vulnerability in Several Siemens Products (CNVD-2023-35759)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/424651"
},
{
"title": "Siemens SIMATIC CP443-1 OPC UA9 Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=233079"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35759"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-726"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.0
},
{
"problemtype": "Allocation of resources without limits or throttling (CWE-770) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"db": "NVD",
"id": "CVE-2022-43768"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94715153/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-43768"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-10"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-43768/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2159"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35759"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-726"
},
{
"db": "NVD",
"id": "CVE-2022-43768"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-35759"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-726"
},
{
"db": "NVD",
"id": "CVE-2022-43768"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-35759"
},
{
"date": "2023-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"date": "2023-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-726"
},
{
"date": "2023-04-11T10:15:17.617000",
"db": "NVD",
"id": "CVE-2022-43768"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-35759"
},
{
"date": "2023-11-15T06:20:00",
"db": "JVNDB",
"id": "JVNDB-2022-022095"
},
{
"date": "2023-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-726"
},
{
"date": "2024-09-10T10:15:05.020000",
"db": "NVD",
"id": "CVE-2022-43768"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-726"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability in limiting or non-slotting resource allocation in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022095"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-726"
}
],
"trust": 0.6
}
}
var-202304-0700
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Several Siemens products, including firmware, contain vulnerabilities related to deadlock.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202304-0700",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic cp",
"scope": "eq",
"trust": 1.2,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1542sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "siplus net cp 443-1 advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic ipc diagbase",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.6"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic ipc diagmonitor",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "tim 1531 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.6"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1 iec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-7 lte us",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 443-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "simatic cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-8 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1 dnp3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1543sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1 advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3"
},
{
"model": "simatic cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 443-1 advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagmonitor",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1 dnp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 1242-7 v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1542sp-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-8 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-7 lte us",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 443-1 advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1543sp-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 443-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1242-7 v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-1 iec",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus net cp 443-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagbase",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ipc diagmonitor",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp lte eu",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp lte us",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-8"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "siplus s7-1200 cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "siplus s7-1200 cp rail",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp advanced",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "simatic cp dnp3",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp iec",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp 1542sp-1",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1543sp-1",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic ipc diagbase",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1\u003cv3.3"
},
{
"model": "siplus net cp advanced \u003cv3.3l",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "443-1"
},
{
"model": "siplus tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003cv2.3.6"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003cv2.3.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35758"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"db": "NVD",
"id": "CVE-2022-43767"
}
]
},
"cve": "CVE-2022-43767",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-35758",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-43767",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-022094",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2022-43767",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-022094",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2023-35758",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202304-729",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35758"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-729"
},
{
"db": "NVD",
"id": "CVE-2022-43767"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. simatic cp 1242-7 v2 firmware, SIMATIC CP 1243-1 firmware, simatic cp 1243-1 dnp3 Several Siemens products, including firmware, contain vulnerabilities related to deadlock.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC IPC DiagMonitor is a set of system monitoring and fault diagnosis software from Siemens. The SIMATIC CP 1242-7 and CP 1243-7 LTE communications processors connect the SIMATIC S7-1200 controllers to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or the ST7 master station via the SINAUT ST7 remote control protocol",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-43767"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"db": "CNVD",
"id": "CNVD-2023-35758"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-43767",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-566905",
"trust": 3.0
},
{
"db": "SIEMENS",
"id": "SSA-139628",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-23-103-10",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94715153",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022094",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-35758",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2159",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202304-729",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35758"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-729"
},
{
"db": "NVD",
"id": "CVE-2022-43767"
}
]
},
"id": "VAR-202304-0700",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35758"
}
],
"trust": 1.3845387558333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35758"
}
]
},
"last_update_date": "2024-09-10T22:24:04.730000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Denial of Service Vulnerability in Several Siemens Products (CNVD-2023-35758)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/424646"
},
{
"title": "Siemens SIMATIC CP443-1 OPC UA9 Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=233082"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35758"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-729"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-833",
"trust": 1.0
},
{
"problemtype": "deadlock (CWE-833) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"db": "NVD",
"id": "CVE-2022-43767"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94715153/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-43767"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-10"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-43767/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2159"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-35758"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-729"
},
{
"db": "NVD",
"id": "CVE-2022-43767"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-35758"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-729"
},
{
"db": "NVD",
"id": "CVE-2022-43767"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-35758"
},
{
"date": "2023-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"date": "2023-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-729"
},
{
"date": "2023-04-11T10:15:17.540000",
"db": "NVD",
"id": "CVE-2022-43767"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-35758"
},
{
"date": "2023-11-15T06:20:00",
"db": "JVNDB",
"id": "JVNDB-2022-022094"
},
{
"date": "2023-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-729"
},
{
"date": "2024-09-10T10:15:04.850000",
"db": "NVD",
"id": "CVE-2022-43767"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-729"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Deadlock vulnerability in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022094"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-729"
}
],
"trust": 0.6
}
}
var-202202-0371
Vulnerability from variot
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module.
Several Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202202-0371",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic drive controller cpu 1504d tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 software controller",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic drive controller cpu 1507d tf",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.0"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5.2"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.4"
},
{
"model": "tim 1531 irc",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.9.2"
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "s7 1200 cpu 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic drive controller cpu 1504d tf",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "s7 1200 cpu 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic drive controller cpu 1507d tf",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "tim 1531 irc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic drive controller family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v2.9.4"
},
{
"model": "simatic s7-1200 cpu family",
"scope": "gte",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.5.0\u003cv4.5.2"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531\u003e=v2.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10004"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"db": "NVD",
"id": "CVE-2021-37185"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gao Jian assisted the coordinated disclosure of these vulnerabilities with Siemens.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-551"
}
],
"trust": 0.6
},
"cve": "CVE-2021-37185",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2021-37185",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-10004",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-37185",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-005066",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-37185",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2021-37185",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-37185",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2022-10004",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202202-551",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10004"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-551"
},
{
"db": "NVD",
"id": "CVE-2021-37185"
},
{
"db": "NVD",
"id": "CVE-2021-37185"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003e= V4.5.0 \u003c V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.9.2 \u003c V2.9.4), SIMATIC S7-1500 Software Controller (All versions \u003e= V21.9 \u003c V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions \u003e= V4.0 \u003c V4.0 SP1), SIPLUS TIM 1531 IRC (All versions \u003c V2.3.6), TIM 1531 IRC (All versions \u003c V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module. \n\r\n\r\nSeveral Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37185"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"db": "CNVD",
"id": "CNVD-2022-10004"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-37185",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-838121",
"trust": 2.2
},
{
"db": "ICS CERT",
"id": "ICSA-22-041-01",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU98748974",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005066",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-10004",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021105",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0605",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202202-551",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10004"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-551"
},
{
"db": "NVD",
"id": "CVE-2021-37185"
}
]
},
"id": "VAR-202202-0371",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10004"
}
],
"trust": 1.3236410799999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10004"
}
]
},
"last_update_date": "2024-08-14T13:01:52.807000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-838121",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
},
{
"title": "Patch for Denial of Service Vulnerabilities in Multiple Siemens Industrial Products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/318426"
},
{
"title": "Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=181690"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10004"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-551"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-672",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"db": "NVD",
"id": "CVE-2021-37185"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37185"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98748974/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-prepared-packets-37484"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0605"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021105"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-10004"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-551"
},
{
"db": "NVD",
"id": "CVE-2021-37185"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-10004"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-551"
},
{
"db": "NVD",
"id": "CVE-2021-37185"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-10004"
},
{
"date": "2023-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"date": "2022-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-551"
},
{
"date": "2022-02-09T16:15:12.823000",
"db": "NVD",
"id": "CVE-2021-37185"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-10004"
},
{
"date": "2023-05-16T08:28:00",
"db": "JVNDB",
"id": "JVNDB-2022-005066"
},
{
"date": "2023-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-551"
},
{
"date": "2023-04-11T10:15:09.550000",
"db": "NVD",
"id": "CVE-2021-37185"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-551"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerabilities in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005066"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-551"
}
],
"trust": 0.6
}
}
var-202212-1311
Vulnerability from variot
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network.
A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-1311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 15prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic et 200 sp open controller cpu 1515sp pc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 317-2 pn\\/dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1508s f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515f-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1508s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 151511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 151511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic s7-1500 cpu 15pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 314",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus s7-300 cpu 315-2 pn\\/dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1507s f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 software controller",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1511-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518f-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1507s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 315-2 dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1215fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1214c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1215c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1217c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic drive controller family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.0.1"
},
{
"model": "simatic s7-1200 cpu family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.6.0"
},
{
"model": "simatic s7-1500 cpu family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.0.1"
},
{
"model": "siplus tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87984"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"db": "NVD",
"id": "CVE-2021-44693"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gao Jian reported these vulnerabilities to Siemens.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2988"
}
],
"trust": 0.6
},
"cve": "CVE-2021-44693",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-87984",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"id": "CVE-2021-44693",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-44693",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-020593",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2021-44693",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2021-44693",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-020593",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2022-87984",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-2988",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87984"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2988"
},
{
"db": "NVD",
"id": "CVE-2021-44693"
},
{
"db": "NVD",
"id": "CVE-2021-44693"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. \n\r\n\r\nA denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44693"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"db": "CNVD",
"id": "CNVD-2022-87984"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-44693",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-382653",
"trust": 3.0
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-03",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU91561630",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020593",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-87984",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2988",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87984"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2988"
},
{
"db": "NVD",
"id": "CVE-2021-44693"
}
]
},
"id": "VAR-202212-1311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87984"
}
],
"trust": 1.306162763125
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87984"
}
]
},
"last_update_date": "2024-08-14T12:27:23.319000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87984)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/372401"
},
{
"title": "Siemens SIMATIC Drive Controller Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245497"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87984"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2988"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1284",
"trust": 1.0
},
{
"problemtype": "Improper validation of quantity specified in input (CWE-1284) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"db": "NVD",
"id": "CVE-2021-44693"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91561630/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44693"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-382653.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-44693/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87984"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2988"
},
{
"db": "NVD",
"id": "CVE-2021-44693"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-87984"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2988"
},
{
"db": "NVD",
"id": "CVE-2021-44693"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87984"
},
{
"date": "2023-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"date": "2022-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2988"
},
{
"date": "2022-12-13T16:15:14.750000",
"db": "NVD",
"id": "CVE-2021-44693"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87984"
},
{
"date": "2023-11-29T01:33:00",
"db": "JVNDB",
"id": "JVNDB-2021-020593"
},
{
"date": "2023-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2988"
},
{
"date": "2023-09-12T10:15:11.263000",
"db": "NVD",
"id": "CVE-2021-44693"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2988"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability in multiple Siemens products related to improper validation of quantities specified in inputs",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020593"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2988"
}
],
"trust": 0.6
}
}
var-202212-1314
Vulnerability from variot
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to syntactic validation of input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network.
A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-1314",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 15prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic et 200 sp open controller cpu 1515sp pc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 317-2 pn\\/dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1508s f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515f-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1508s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 151511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 151511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic s7-1500 cpu 15pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 314",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus s7-300 cpu 315-2 pn\\/dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1507s f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 software controller",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1511-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518f-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1507s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "siplus s7-300 cpu 315-2 dp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1215fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1214c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1215c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1217c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 software controller",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic drive controller family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.0.1"
},
{
"model": "simatic s7-1200 cpu family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.6.0"
},
{
"model": "simatic s7-1500 cpu family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.0.1"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v5.0"
},
{
"model": "siplus tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531"
},
{
"model": "tim irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1531"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87982"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"db": "NVD",
"id": "CVE-2021-44695"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gao Jian reported these vulnerabilities to Siemens.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2987"
}
],
"trust": 0.6
},
"cve": "CVE-2021-44695",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-87982",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"id": "CVE-2021-44695",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-44695",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-020591",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2021-44695",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2021-44695",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-020591",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2022-87982",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-2987",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87982"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2987"
},
{
"db": "NVD",
"id": "CVE-2021-44695"
},
{
"db": "NVD",
"id": "CVE-2021-44695"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to syntactic validation of input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. \n\r\n\r\nA denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44695"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"db": "CNVD",
"id": "CNVD-2022-87982"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-44695",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-382653",
"trust": 3.0
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-03",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU91561630",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020591",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-87982",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2987",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87982"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2987"
},
{
"db": "NVD",
"id": "CVE-2021-44695"
}
]
},
"id": "VAR-202212-1314",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87982"
}
],
"trust": 1.306162763125
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87982"
}
]
},
"last_update_date": "2024-08-14T12:09:38.559000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87982)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/372486"
},
{
"title": "Siemens SIMATIC Drive Controller Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245496"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87982"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2987"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1286",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Improper validation of syntactic correctness of input (CWE-1286) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"db": "NVD",
"id": "CVE-2021-44695"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91561630/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44695"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-382653.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-44695/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87982"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2987"
},
{
"db": "NVD",
"id": "CVE-2021-44695"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-87982"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2987"
},
{
"db": "NVD",
"id": "CVE-2021-44695"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87982"
},
{
"date": "2023-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"date": "2022-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2987"
},
{
"date": "2022-12-13T16:15:14.907000",
"db": "NVD",
"id": "CVE-2021-44695"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87982"
},
{
"date": "2023-11-29T01:29:00",
"db": "JVNDB",
"id": "JVNDB-2021-020591"
},
{
"date": "2023-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2987"
},
{
"date": "2023-09-12T10:15:14.650000",
"db": "NVD",
"id": "CVE-2021-44695"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2987"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input syntactic validity validation vulnerability in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020591"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2987"
}
],
"trust": 0.6
}
}
var-202212-1312
Vulnerability from variot
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, are vulnerable to improper validation of specified types of input.Information is tampered with and service operation is interrupted (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network.
A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-1312",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-1500 cpu 1517tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1513r-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 15prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu cpu 1513prof-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic et 200 sp open controller cpu 1515sp pc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1510sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515tf-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515t-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1508s f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515f-2 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1214c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1508s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 151511f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518f-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511t-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 151511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518tf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1512sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-plcsim advanced",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "simatic s7-1500 cpu 15pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516pro f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512spf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515r-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu cpu 1513pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516t-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1510sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518hf-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516pro-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513f-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1512c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1214fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1511tf-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1511c-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1507s f",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1513f-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517f-3 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1516f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1516tf-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518t-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1211c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1518-4 dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 12 1215c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 software controller",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu 1511-1 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518-4 pn",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1518f-4 pn\\/dp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1517-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1515f-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1500 cpu 1507s",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "siplus tim 1531 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212fc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6.0"
},
{
"model": "simatic s7-1500 cpu 1517f-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1215fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1214c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215 fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1215c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-plcsim advanced",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1217c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214 fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 12 1212c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215fc",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic et 200sp open controller cpu 1515sp pc2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic drive controller family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.0.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87983"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"db": "NVD",
"id": "CVE-2021-44694"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gao Jian reported these vulnerabilities to Siemens.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2985"
}
],
"trust": 0.6
},
"cve": "CVE-2021-44694",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-87983",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"id": "CVE-2021-44694",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-44694",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-020592",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2021-44694",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2021-44694",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-020592",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2022-87983",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-2985",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87983"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2985"
},
{
"db": "NVD",
"id": "CVE-2021-44694"
},
{
"db": "NVD",
"id": "CVE-2021-44694"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, are vulnerable to improper validation of specified types of input.Information is tampered with and service operation is interrupted (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. \n\r\n\r\nA denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44694"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"db": "CNVD",
"id": "CNVD-2022-87983"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-44694",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-382653",
"trust": 3.0
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-03",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU91561630",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020592",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-87983",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2985",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87983"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2985"
},
{
"db": "NVD",
"id": "CVE-2021-44694"
}
]
},
"id": "VAR-202212-1312",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87983"
}
],
"trust": 1.2655165527272727
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87983"
}
]
},
"last_update_date": "2024-08-14T12:47:24.800000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87983)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/372471"
},
{
"title": "Siemens SIMATIC Drive Controller Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245495"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87983"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2985"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1287",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Improper validation for input of specified type (CWE-1287) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"db": "NVD",
"id": "CVE-2021-44694"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91561630/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44694"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-382653.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-44694/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87983"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2985"
},
{
"db": "NVD",
"id": "CVE-2021-44694"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-87983"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2985"
},
{
"db": "NVD",
"id": "CVE-2021-44694"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87983"
},
{
"date": "2023-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"date": "2022-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2985"
},
{
"date": "2022-12-13T16:15:14.840000",
"db": "NVD",
"id": "CVE-2021-44694"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87983"
},
{
"date": "2023-11-29T01:31:00",
"db": "JVNDB",
"id": "JVNDB-2021-020592"
},
{
"date": "2023-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2985"
},
{
"date": "2023-09-12T10:15:13.027000",
"db": "NVD",
"id": "CVE-2021-44694"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2985"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper validation vulnerability for specified types of input in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020592"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2985"
}
],
"trust": 0.6
}
}