CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6305 vulnerabilities reference this CWE, most recent first.
CVE-2023-31026 (GCVE-0-2023-31026)
Vulnerability from cvelistv5 – Published: 2023-11-02 18:56 – Updated: 2024-09-05 14:34| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | vGPU driver and Cloud gaming driver |
Affected:
All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:25.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5491"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31026",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T14:24:50.601821Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T14:34:42.757Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vGPU driver and Cloud gaming driver",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service."
}
],
"value": "NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-02T18:56:22.940Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5491"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2023-31026",
"datePublished": "2023-11-02T18:56:22.940Z",
"dateReserved": "2023-04-22T02:38:27.192Z",
"dateUpdated": "2024-09-05T14:34:42.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31022 (GCVE-0-2023-31022)
Vulnerability from cvelistv5 – Published: 2023-11-02 18:56 – Updated: 2025-02-27 20:35| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | NVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver |
Affected:
All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:24.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5491"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31022",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:48:29.314538Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:35:31.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service."
}
],
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-02T18:56:22.082Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5491"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2023-31022",
"datePublished": "2023-11-02T18:56:22.082Z",
"dateReserved": "2023-04-22T02:38:27.190Z",
"dateUpdated": "2025-02-27T20:35:31.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31021 (GCVE-0-2023-31021)
Vulnerability from cvelistv5 – Published: 2023-11-02 18:56 – Updated: 2024-09-05 14:35| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | vGPU driver and Cloud gaming driver |
Affected:
All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:25.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5491"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31021",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T14:25:13.496871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T14:35:22.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vGPU driver and Cloud gaming driver",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service."
}
],
"value": "NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-02T18:56:21.642Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5491"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2023-31021",
"datePublished": "2023-11-02T18:56:21.642Z",
"dateReserved": "2023-04-22T02:38:27.190Z",
"dateUpdated": "2024-09-05T14:35:22.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31018 (GCVE-0-2023-31018)
Vulnerability from cvelistv5 – Published: 2023-11-02 18:56 – Updated: 2025-02-27 20:35| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | vGPU driver and Cloud gaming driver |
Affected:
All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:24.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5491"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31018",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:48:30.468119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:35:37.083Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vGPU driver and Cloud gaming driver",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service."
}
],
"value": "NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-02T18:56:20.305Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5491"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2023-31018",
"datePublished": "2023-11-02T18:56:20.305Z",
"dateReserved": "2023-04-22T02:38:27.189Z",
"dateUpdated": "2025-02-27T20:35:37.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30756 (GCVE-0-2023-30756)
Vulnerability from cvelistv5 – Published: 2024-09-10 09:33 – Updated: 2024-09-10 15:10- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-7 LTE |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-8 IRC |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC HMI Comfort Panels (incl. SIPLUS variants) |
Affected:
All versions
|
|
| Siemens | SIMATIC IPC DiagBase |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC IPC DiagMonitor |
Affected:
All versions
|
|
| Siemens | SIMATIC WinCC Runtime Advanced |
Affected:
All versions
|
|
| Siemens | SIPLUS TIM 1531 IRC |
Affected:
0 , < V2.4.8
(custom)
|
|
| Siemens | TIM 1531 IRC |
Affected:
0 , < V2.4.8
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:09:52.396615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:10:00.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagBase",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-7 LTE (All versions \u003c V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). The web server of the affected devices do not properly handle certain errors when using the Expect HTTP request header, resulting in NULL dereference.\r\n\r\nThis could allow a remote attacker with no privileges to cause a denial of service condition in the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:40.640Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-423808.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-30756",
"datePublished": "2024-09-10T09:33:40.640Z",
"dateReserved": "2023-04-14T11:16:56.497Z",
"dateUpdated": "2024-09-10T15:10:00.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30755 (GCVE-0-2023-30755)
Vulnerability from cvelistv5 – Published: 2024-09-10 09:33 – Updated: 2024-09-10 15:10- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-7 LTE |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-8 IRC |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC HMI Comfort Panels (incl. SIPLUS variants) |
Affected:
All versions
|
|
| Siemens | SIMATIC IPC DiagBase |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC IPC DiagMonitor |
Affected:
All versions
|
|
| Siemens | SIMATIC WinCC Runtime Advanced |
Affected:
All versions
|
|
| Siemens | SIPLUS TIM 1531 IRC |
Affected:
0 , < V2.4.8
(custom)
|
|
| Siemens | TIM 1531 IRC |
Affected:
0 , < V2.4.8
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:10:26.969445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:10:35.515Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagBase",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-7 LTE (All versions \u003c V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). The web server of the affected devices do not properly handle the shutdown or reboot request, which could lead to the clean up of certain resources. \r\n\r\nThis could allow a remote attacker with elevated privileges to cause a denial of service condition in the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:39.215Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-423808.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-30755",
"datePublished": "2024-09-10T09:33:39.215Z",
"dateReserved": "2023-04-14T11:16:56.497Z",
"dateUpdated": "2024-09-10T15:10:35.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29180 (GCVE-0-2023-29180)
Vulnerability from cvelistv5 – Published: 2024-02-22 09:40 – Updated: 2024-08-14 19:14- CWE-476 - Denial of service
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiOS |
Affected:
7.2.0 , ≤ 7.2.4
(semver)
Affected: 7.0.0 , ≤ 7.0.11 (semver) Affected: 6.4.0 , ≤ 6.4.12 (semver) Affected: 6.2.0 , ≤ 6.2.14 (semver) Affected: 6.0.0 , ≤ 6.0.16 (semver) |
|
| Fortinet | FortiProxy |
Affected:
7.2.0 , ≤ 7.2.3
(semver)
Affected: 7.0.0 , ≤ 7.0.10 (semver) Affected: 2.0.0 , ≤ 2.0.12 (semver) Affected: 1.2.0 , ≤ 1.2.13 (semver) Affected: 1.1.0 , ≤ 1.1.6 (semver) Affected: 1.0.0 , ≤ 1.0.7 (semver) |
|
| fortinet | fortios |
Affected:
7.2.0 , ≤ 7.2.4
(semver)
Affected: 7.0.0 , ≤ 7.0.11 (semver) Affected: 6.4.0 , ≤ 6.4.12 (semver) Affected: 6.2.0 , ≤ 6.2..14 (semver) Affected: 6.0.0 , ≤ 6.0.16 (semver) cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* |
|
| fortinet | fortiproxy |
Affected:
7.2.0 , ≤ 7.2.3
(semver)
Affected: 7.0.0 , ≤ 7.0.10 (semver) Affected: 2.0.0 , ≤ 2.0.12 (semver) Affected: 1.2.0 , ≤ 1.2.13 (semver) Affected: 1.1.0 , ≤ 1.1.6 (semver) Affected: 1.0.0 , ≤ 1.0.7 (semver) cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-111",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-111"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.12",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2..14",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.12",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T19:10:11.418944Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:14:50.810Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.12",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.14",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.12",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-22T09:40:16.463Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-111",
"url": "https://fortiguard.com/psirt/FG-IR-23-111"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.5 or above \nPlease upgrade to FortiOS version 7.0.12 or above \nPlease upgrade to FortiOS version 6.4.13 or above \nPlease upgrade to FortiOS version 6.2.15 or above \nPlease upgrade to FortiOS version 6.0.17 or above \nPlease upgrade to FortiSASE version 22.4 or above \nPlease upgrade to FortiProxy version 7.2.4 or above \nPlease upgrade to FortiProxy version 7.0.11 or above \nPlease upgrade to FortiProxy version 2.0.13 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-29180",
"datePublished": "2024-02-22T09:40:16.463Z",
"dateReserved": "2023-04-03T08:47:30.452Z",
"dateUpdated": "2024-08-14T19:14:50.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29179 (GCVE-0-2023-29179)
Vulnerability from cvelistv5 – Published: 2024-02-22 09:40 – Updated: 2024-08-02 14:00- CWE-476 - Denial of service
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiProxy |
Affected:
7.2.0 , ≤ 7.2.4
(semver)
Affected: 7.0.0 , ≤ 7.0.10 (semver) |
|
| Fortinet | FortiOS |
Affected:
7.2.0 , ≤ 7.2.4
(semver)
Affected: 7.0.0 , ≤ 7.0.11 (semver) Affected: 6.4.0 , ≤ 6.4.12 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29179",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T16:40:02.132971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:55.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-125",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-125"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.12",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-22T09:40:11.939Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-125",
"url": "https://fortiguard.com/psirt/FG-IR-23-125"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.2.5 or above \nPlease upgrade to FortiProxy version 7.0.11 or above \nPlease upgrade to FortiSASE version 22.4 or above \nPlease upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.5 or above \nPlease upgrade to FortiOS version 7.0.12 or above \nPlease upgrade to FortiOS version 6.4.13 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-29179",
"datePublished": "2024-02-22T09:40:11.939Z",
"dateReserved": "2023-04-03T08:47:30.452Z",
"dateUpdated": "2024-08-02T14:00:15.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28827 (GCVE-0-2023-28827)
Vulnerability from cvelistv5 – Published: 2024-09-10 09:33 – Updated: 2024-09-10 15:11- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-7 LTE |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC CP 1243-8 IRC |
Affected:
0 , < V3.5.20
(custom)
|
|
| Siemens | SIMATIC HMI Comfort Panels (incl. SIPLUS variants) |
Affected:
All versions
|
|
| Siemens | SIMATIC IPC DiagBase |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC IPC DiagMonitor |
Affected:
All versions
|
|
| Siemens | SIMATIC WinCC Runtime Advanced |
Affected:
All versions
|
|
| Siemens | SIPLUS TIM 1531 IRC |
Affected:
0 , < V2.4.8
(custom)
|
|
| Siemens | TIM 1531 IRC |
Affected:
0 , < V2.4.8
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:10:54.020229Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:11:03.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagBase",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.5.20), SIMATIC CP 1243-7 LTE (All versions \u003c V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.4.8). The web server of the affected devices do not properly handle certain requests, causing a timeout in the watchdog, which could lead to the clean up of pointers. \r\n\r\nThis could allow a remote attacker to cause a denial of service condition in the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:37.794Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-423808.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28827",
"datePublished": "2024-09-10T09:33:37.794Z",
"dateReserved": "2023-03-24T15:17:29.557Z",
"dateUpdated": "2024-09-10T15:11:03.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28766 (GCVE-0-2023-28766)
Vulnerability from cvelistv5 – Published: 2023-04-11 09:03 – Updated: 2025-11-11 20:20- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | SIPROTEC 5 6MD85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 6MD86 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 6MD89 (CP300) |
Affected:
V7.80 , < V9.64
(custom)
|
|
| Siemens | SIPROTEC 5 6MU85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7KE85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SA82 (CP100) |
Affected:
0 , < V8.90
(custom)
|
|
| Siemens | SIPROTEC 5 7SA82 (CP150) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SA86 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SA87 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SD82 (CP100) |
Affected:
0 , < V8.90
(custom)
|
|
| Siemens | SIPROTEC 5 7SD82 (CP150) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SD86 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SD87 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SJ81 (CP100) |
Affected:
0 , < V8.89
(custom)
|
|
| Siemens | SIPROTEC 5 7SJ81 (CP150) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SJ82 (CP100) |
Affected:
0 , < V8.89
(custom)
|
|
| Siemens | SIPROTEC 5 7SJ82 (CP150) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SJ85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SJ86 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SK82 (CP100) |
Affected:
0 , < V8.89
(custom)
|
|
| Siemens | SIPROTEC 5 7SK82 (CP150) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SK85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SL82 (CP100) |
Affected:
0 , < V8.90
(custom)
|
|
| Siemens | SIPROTEC 5 7SL82 (CP150) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SL86 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SL87 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SS85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7ST85 (CP300) |
Affected:
V7.80 , < V9.64
(custom)
|
|
| Siemens | SIPROTEC 5 7ST86 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SX82 (CP150) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7SX85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7UM85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7UT82 (CP100) |
Affected:
0 , < V8.90
(custom)
|
|
| Siemens | SIPROTEC 5 7UT82 (CP150) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7UT85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7UT86 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7UT87 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7VE85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7VK87 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 7VU85 (CP300) |
Affected:
V7.80 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) |
Affected:
0 , < V8.89
(custom)
|
|
| Siemens | SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) |
Affected:
0 , < V8.89
(custom)
|
|
| Siemens | SIPROTEC 5 Communication Module ETH-BD-2FO |
Affected:
0 , < V9.40
(custom)
|
|
| Siemens | SIPROTEC 5 Compact 7SX800 (CP050) |
Affected:
0 , < V9.40
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-322980.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-322980.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD89 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.64",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MU85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7KE85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ81 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ81 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SS85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7ST85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.64",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7ST86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SX82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SX85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UM85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.90",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VE85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VK87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VU85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BD-2FO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Compact 7SX800 (CP050)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIPROTEC 5 6MD85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 6MD86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 6MD89 (CP300) (All versions \u003e= V7.80 \u003c V9.64), SIPROTEC 5 6MU85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7KE85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SA82 (CP100) (All versions \u003c V8.90), SIPROTEC 5 7SA82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SA86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SA87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SD82 (CP100) (All versions \u003c V8.90), SIPROTEC 5 7SD82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SD86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SD87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions \u003c V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions \u003c V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SJ85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SJ86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SK82 (CP100) (All versions \u003c V8.89), SIPROTEC 5 7SK82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SK85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SL82 (CP100) (All versions \u003c V8.90), SIPROTEC 5 7SL82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SL86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SL87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SS85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7ST85 (CP300) (All versions \u003e= V7.80 \u003c V9.64), SIPROTEC 5 7ST86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SX82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SX85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7UM85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7UT82 (CP100) (All versions \u003c V8.90), SIPROTEC 5 7UT82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7UT85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7UT86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7UT87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7VE85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7VK87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7VU85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions \u003c V9.40 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions \u003c V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions \u003c V9.40 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions \u003c V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions \u003c V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions \u003c V9.40). Affected devices lack proper validation of http request parameters of the hosted web service.\r\nAn unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T20:20:07.076Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-322980.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-322980.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28766",
"datePublished": "2023-04-11T09:03:05.547Z",
"dateReserved": "2023-03-23T09:09:31.711Z",
"dateUpdated": "2025-11-11T20:20:07.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.