Search criteria

14 vulnerabilities found for simatic_cp_343-1_firmware by siemens

CVE-2023-51440 (GCVE-0-2023-51440)

Vulnerability from nvd – Published: 2024-02-13 09:00 – Updated: 2024-08-02 22:32
VLAI?
Summary
A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:T/RC:C
CWE
  • CWE-940 - Improper Verification of Source of a Communication Channel
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC CP 343-1 Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-51440",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-21T20:12:53.508055Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:20:22.538Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:32:10.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-516818.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1 Lean",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:T/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-940",
              "description": "CWE-940: Improper Verification of Source of a Communication Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-13T09:00:04.702Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-516818.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-51440",
    "datePublished": "2024-02-13T09:00:04.702Z",
    "dateReserved": "2023-12-19T12:49:24.031Z",
    "dateUpdated": "2024-08-02T22:32:10.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-33737 (GCVE-0-2021-33737)

Vulnerability from nvd – Published: 2021-09-14 10:47 – Updated: 2024-08-03 23:58
VLAI?
Summary
A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C
CWE
  • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC CP 343-1 (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:58:22.953Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549234.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 ERPC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (All versions \u003c V3.3), SIPLUS NET CP 443-1 (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (All versions \u003c V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-11T09:01:52.372Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549234.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-33737",
    "datePublished": "2021-09-14T10:47:38",
    "dateReserved": "2021-05-28T00:00:00",
    "dateUpdated": "2024-08-03T23:58:22.953Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-13946 (GCVE-0-2019-13946)

Vulnerability from nvd – Published: 2020-02-11 15:36 – Updated: 2024-08-05 00:05
VLAI?
Summary
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 Affected: All Versions < V4.5
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P Affected: All Versions < V4.6
Create a notification for this product.
    Siemens PROFINET Driver for Controller Affected: All Versions < V2.1
Create a notification for this product.
    Siemens RUGGEDCOM RM1224 family Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M804PB Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M812-1 ADSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M812-1 ADSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M816-1 ADSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M816-1 ADSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M826-2 SHDSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M874-2 Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M874-3 Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M876-3 Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M876-3 (ROK) Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M876-4 (EU) Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M876-4 (NAM) Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE S615 LAN-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE W-700 IEEE 802.11n family Affected: All versions <= V6.0.1
Create a notification for this product.
    Siemens SCALANCE X200-4P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X201-3P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X201-3P IRT PRO Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X202-2IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X202-2P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X202-2P IRT PRO Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X204-2 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204-2FM Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204-2LD Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204-2LD TS Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204-2TS Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X204IRT PRO Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X206-1 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X206-1LD Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X208 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X208PRO Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X212-2 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X212-2LD Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X216 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X224 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (230V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (2x 230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (2x 230V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (2x 24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (2x 24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X304-2FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X306-1LD FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (230V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (2x 230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (2x 230V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (2x 24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (2x 24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-3 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-3 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-3LD Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-3LD Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LD Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LD Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LH Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LH Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LH+ Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LH+ Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M PoE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M PoE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M TS Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M TS Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X310 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X310 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X310FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X310FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X320-1 FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X320-1-2LD FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X408-2 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XB-200 family Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XC-200 Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XF-200BA Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XF201-3P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE XF202-2P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE XF204 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE XF204-2 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE XF204-2BA IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE XF204IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE XF206-1 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE XF208 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE XM-400 family Affected: All Versions < V6.0
Create a notification for this product.
    Siemens SCALANCE XP-200 Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XR-300WG family Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XR-500 family Affected: All Versions < V6.0
Create a notification for this product.
    Siemens SCALANCE XR324-12M (230V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (230V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (230V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (230V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M TS (24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M TS (24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE (230V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE (230V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE TS (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SIMATIC CP 1616 and CP 1604 Affected: All Versions < V2.8
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Advanced Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 ERPC Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Lean Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Advanced Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIMATIC CP 443-1 OPC UA Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200AL IM 157-1 PN Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-3 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-4 PN HF Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN BA Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 4AO U/I 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN: IO-Link Master Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200S (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC IPC Support, Package for VxWorks Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 HR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 SR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 UR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) Affected: All Versions
Create a notification for this product.
    Siemens SIMATIC RF180C Affected: All versions
Create a notification for this product.
    Siemens SIMATIC RF182C Affected: All versions
Create a notification for this product.
    Siemens SIMATIC RF600R family Affected: All versions < V3
Create a notification for this product.
    Siemens SIMOTION C Affected: All versions < V4.5
Create a notification for this product.
    Siemens SIMOTION D Affected: All versions < V4.5
Create a notification for this product.
    Siemens SIMOTION P Affected: All versions < V4.5
Create a notification for this product.
    Siemens SINAMICS DCP Affected: All Versions < V1.3
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS NET CP 343-1 Affected: All versions
Create a notification for this product.
    Siemens SIPLUS NET CP 343-1 Advanced Affected: All versions
Create a notification for this product.
    Siemens SIPLUS NET CP 343-1 Lean Affected: All versions
Create a notification for this product.
    Siemens SIPLUS NET CP 443-1 Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIPLUS NET CP 443-1 Advanced Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIPLUS NET SCALANCE X308-2 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SOFTNET-IE PNIO Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-13946",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T18:06:01.358486Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-09T18:06:09.778Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:05:44.023Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-780073.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V4.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V4.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PROFINET Driver for Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W-700 IEEE 802.11n family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c= V6.0.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X200-4P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X201-3P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X201-3P IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2P IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2FM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2LD TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X206-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X206-1LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X208PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X212-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X212-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (2x 230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (2x 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (2x 24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (2x 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X304-2FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X306-1LD FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (2x 230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (2x 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (2x 24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (2x 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-3LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-3LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LH",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LH",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LH+",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LH+",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X310",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X310",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X310FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X310FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X320-1 FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X320-1-2LD FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X408-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB-200 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC-200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF-200BA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF201-3P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF206-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM-400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP-200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR-300WG family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR-500 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M TS (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M TS (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1616 and CP 1604",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V2.8"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 ERPC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200AL IM 157-1 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-3 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-4 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN: IO-Link Master",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200S (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC IPC Support, Package for VxWorks",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 HR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 SR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 UR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF180C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF182C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF600R family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION P",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1 Lean",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SOFTNET-IE PNIO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit\ninternal resource allocation when multiple legitimate diagnostic package\nrequests are sent to the DCE-RPC interface.\nThis could lead to a denial of service condition due to lack of memory\nfor devices that include a vulnerable version of the stack.\n\nThe security vulnerability could be exploited by an attacker with network\naccess to an affected device. Successful exploitation requires no system\nprivileges and no user interaction. An attacker could use the vulnerability\nto compromise the availability of the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-09T12:03:58.088Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-780073.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-13946",
    "datePublished": "2020-02-11T15:36:10",
    "dateReserved": "2019-07-18T00:00:00",
    "dateUpdated": "2024-08-05T00:05:44.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-4843 (GCVE-0-2018-4843)

Vulnerability from nvd – Published: 2018-03-20 14:00 – Updated: 2024-08-05 05:18
VLAI?
Summary
A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC S7-400 CPU 414-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC S7-400 CPU 414F-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC S7-400 CPU 416-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC S7-400 CPU 416F-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC CP 343-1 (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Advanced Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM154-8 PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM154-8F PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM154-8FX PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC ET 200S IM151-8 PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC ET 200S IM151-8F PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: All versions < V1.7.0
Create a notification for this product.
    Siemens SIMATIC S7-1500 Software Controller Affected: All versions < V1.7.0
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 314C-2 PN/DP Affected: All versions < V3.3.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 315-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 315F-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 315T-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 317-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 317F-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 317T-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 317TF-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 319-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 319F-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-400 CPU 412-2 PN V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) Affected: All versions < V6.0.9
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) Affected: All versions < V6.0.7
Create a notification for this product.
    Siemens SIMATIC S7-410 CPU family (incl. SIPLUS variants) Affected: All versions < V8.1
Create a notification for this product.
    Siemens SIMATIC WinAC RTX 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMATIC WinAC RTX F 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SINUMERIK 828D Affected: All versions < V4.7 SP6 HF1
Create a notification for this product.
    Siemens SIPLUS ET 200S IM151-8 PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS ET 200S IM151-8F PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS NET CP 443-1 Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIPLUS NET CP 443-1 Advanced Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 314C-2 PN/DP Affected: All versions < V3.3.16
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 315-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 315F-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 317-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 317F-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS S7-400 CPU 414-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIPLUS S7-400 CPU 416-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens Softnet PROFINET IO for PC-based Windows systems Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:18:26.626Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": " SIMATIC S7-400 CPU 414-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": " SIMATIC S7-400 CPU 414F-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": " SIMATIC S7-400 CPU 416-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": " SIMATIC S7-400 CPU 416F-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200S IM151-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200S IM151-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.7.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.7.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 314C-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315T-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317T-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 319-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 319F-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 CPU 412-2 PN V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.0.9"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.0.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V8.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX F 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200S IM151-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200S IM151-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 314C-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 315-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 315F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 317-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 317F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-400 CPU 414-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-400 CPU 416-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Softnet PROFINET IO for PC-based Windows systems",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in  SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions \u003c V7.0.3),  SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions \u003c V7.0.3),  SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions \u003c V7.0.3),  SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (All versions \u003c V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V1.7.0), SIMATIC S7-1500 Software Controller (All versions \u003c V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions \u003c V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions \u003c V8.1), SIMATIC WinAC RTX 2010 (All versions \u003c V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions \u003c V2010 SP3), SINUMERIK 828D (All versions \u003c V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.2.16), SIPLUS NET CP 443-1 (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (All versions \u003c V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions \u003c V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions \u003c V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system.\r\n\r\nThe security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-09T11:50:59.460Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-4843",
    "datePublished": "2018-03-20T14:00:00",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-08-05T05:18:26.626Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-8673 (GCVE-0-2016-8673)

Vulnerability from nvd – Published: 2016-11-23 11:00 – Updated: 2024-08-06 02:27
VLAI?
Summary
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.244Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-12T19:08:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-8673",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-8673",
    "datePublished": "2016-11-23T11:00:00",
    "dateReserved": "2016-10-15T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-8672 (GCVE-0-2016-8672)

Vulnerability from nvd – Published: 2016-11-23 11:00 – Updated: 2024-08-06 02:27
VLAI?
Summary
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the "secure" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.274Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the \"secure\" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-12T19:08:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-8672",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the \"secure\" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-8672",
    "datePublished": "2016-11-23T11:00:00",
    "dateReserved": "2016-10-15T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8214 (GCVE-0-2015-8214)

Vulnerability from nvd – Published: 2015-11-27 15:00 – Updated: 2024-08-06 08:13
VLAI?
Summary
A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs' configuration was stored on their corresponding CPUs.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:13:31.851Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "78345",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/78345"
          },
          {
            "name": "1034279",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions \u003c V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions \u003c V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions \u003c V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions \u003c V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions \u003c V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions \u003c V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions \u003c V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs\u0027 configuration was stored on their corresponding CPUs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-22T20:42:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "78345",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/78345"
        },
        {
          "name": "1034279",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8214",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions \u003c V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions \u003c V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions \u003c V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions \u003c V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions \u003c V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions \u003c V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions \u003c V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs\u0027 configuration was stored on their corresponding CPUs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "78345",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/78345"
            },
            {
              "name": "1034279",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034279"
            },
            {
              "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8214",
    "datePublished": "2015-11-27T15:00:00",
    "dateReserved": "2015-11-16T00:00:00",
    "dateUpdated": "2024-08-06T08:13:31.851Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-51440 (GCVE-0-2023-51440)

Vulnerability from cvelistv5 – Published: 2024-02-13 09:00 – Updated: 2024-08-02 22:32
VLAI?
Summary
A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:T/RC:C
CWE
  • CWE-940 - Improper Verification of Source of a Communication Channel
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC CP 343-1 Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-51440",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-21T20:12:53.508055Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:20:22.538Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:32:10.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-516818.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1 Lean",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:T/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-940",
              "description": "CWE-940: Improper Verification of Source of a Communication Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-13T09:00:04.702Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-516818.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-51440",
    "datePublished": "2024-02-13T09:00:04.702Z",
    "dateReserved": "2023-12-19T12:49:24.031Z",
    "dateUpdated": "2024-08-02T22:32:10.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-33737 (GCVE-0-2021-33737)

Vulnerability from cvelistv5 – Published: 2021-09-14 10:47 – Updated: 2024-08-03 23:58
VLAI?
Summary
A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C
CWE
  • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC CP 343-1 (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:58:22.953Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549234.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 ERPC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (All versions \u003c V3.3), SIPLUS NET CP 443-1 (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (All versions \u003c V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-11T09:01:52.372Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549234.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-33737",
    "datePublished": "2021-09-14T10:47:38",
    "dateReserved": "2021-05-28T00:00:00",
    "dateUpdated": "2024-08-03T23:58:22.953Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-13946 (GCVE-0-2019-13946)

Vulnerability from cvelistv5 – Published: 2020-02-11 15:36 – Updated: 2024-08-05 00:05
VLAI?
Summary
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 Affected: All Versions < V4.5
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P Affected: All Versions < V4.6
Create a notification for this product.
    Siemens PROFINET Driver for Controller Affected: All Versions < V2.1
Create a notification for this product.
    Siemens RUGGEDCOM RM1224 family Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M804PB Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M812-1 ADSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M812-1 ADSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M816-1 ADSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M816-1 ADSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M826-2 SHDSL-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M874-2 Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M874-3 Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M876-3 Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M876-3 (ROK) Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M876-4 (EU) Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE M876-4 (NAM) Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE S615 LAN-Router Affected: All versions < V4.3
Create a notification for this product.
    Siemens SCALANCE W-700 IEEE 802.11n family Affected: All versions <= V6.0.1
Create a notification for this product.
    Siemens SCALANCE X200-4P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X201-3P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X201-3P IRT PRO Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X202-2IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X202-2P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X202-2P IRT PRO Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X204-2 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204-2FM Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204-2LD Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204-2LD TS Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204-2TS Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X204IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X204IRT PRO Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE X206-1 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X206-1LD Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X208 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X208PRO Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X212-2 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X212-2LD Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X216 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X224 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (230V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (2x 230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (2x 230V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (2x 24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X302-7 EEC (2x 24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X304-2FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X306-1LD FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (230V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (2x 230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (2x 230V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (2x 24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-2 EEC (2x 24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-3 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-3 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-3LD Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X307-3LD Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LD Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LD Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LH Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LH Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LH+ Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2LH+ Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M PoE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M PoE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M TS Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X308-2M TS Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X310 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X310 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X310FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X310FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X320-1 FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X320-1-2LD FE Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE X408-2 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XB-200 family Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XC-200 Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XF-200BA Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XF201-3P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE XF202-2P IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE XF204 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE XF204-2 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE XF204-2BA IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE XF204IRT Affected: All Versions < V5.3
Create a notification for this product.
    Siemens SCALANCE XF206-1 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE XF208 Affected: All versions < V5.2.5
Create a notification for this product.
    Siemens SCALANCE XM-400 family Affected: All Versions < V6.0
Create a notification for this product.
    Siemens SCALANCE XP-200 Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XR-300WG family Affected: All Versions < V3.0
Create a notification for this product.
    Siemens SCALANCE XR-500 family Affected: All Versions < V6.0
Create a notification for this product.
    Siemens SCALANCE XR324-12M (230V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (230V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (230V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (230V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M TS (24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-12M TS (24V) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M EEC (2x 24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE (230V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE (230V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SCALANCE XR324-4M PoE TS (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SIMATIC CP 1616 and CP 1604 Affected: All Versions < V2.8
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Advanced Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 ERPC Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Lean Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Advanced Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIMATIC CP 443-1 OPC UA Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200AL IM 157-1 PN Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-3 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-4 PN HF Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN BA Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 4AO U/I 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN: IO-Link Master Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200S (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC IPC Support, Package for VxWorks Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 HR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 SR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 UR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) Affected: All Versions
Create a notification for this product.
    Siemens SIMATIC RF180C Affected: All versions
Create a notification for this product.
    Siemens SIMATIC RF182C Affected: All versions
Create a notification for this product.
    Siemens SIMATIC RF600R family Affected: All versions < V3
Create a notification for this product.
    Siemens SIMOTION C Affected: All versions < V4.5
Create a notification for this product.
    Siemens SIMOTION D Affected: All versions < V4.5
Create a notification for this product.
    Siemens SIMOTION P Affected: All versions < V4.5
Create a notification for this product.
    Siemens SINAMICS DCP Affected: All Versions < V1.3
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS NET CP 343-1 Affected: All versions
Create a notification for this product.
    Siemens SIPLUS NET CP 343-1 Advanced Affected: All versions
Create a notification for this product.
    Siemens SIPLUS NET CP 343-1 Lean Affected: All versions
Create a notification for this product.
    Siemens SIPLUS NET CP 443-1 Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIPLUS NET CP 443-1 Advanced Affected: 0 , < V3.3 (custom)
Create a notification for this product.
    Siemens SIPLUS NET SCALANCE X308-2 Affected: All versions < V4.1.4
Create a notification for this product.
    Siemens SOFTNET-IE PNIO Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-13946",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T18:06:01.358486Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-09T18:06:09.778Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:05:44.023Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-780073.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V4.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V4.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PROFINET Driver for Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W-700 IEEE 802.11n family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c= V6.0.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X200-4P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X201-3P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X201-3P IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2P IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2FM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2LD TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X206-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X206-1LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X208PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X212-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X212-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (2x 230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (2x 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (2x 24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X302-7 EEC (2x 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X304-2FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X306-1LD FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (2x 230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (2x 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (2x 24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-2 EEC (2x 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-3LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X307-3LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LH",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LH",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LH+",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2LH+",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X308-2M TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X310",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X310",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X310FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X310FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X320-1 FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X320-1-2LD FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X408-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB-200 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC-200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF-200BA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF201-3P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF206-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM-400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP-200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR-300WG family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR-500 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M TS (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-12M TS (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1616 and CP 1604",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V2.8"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 ERPC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200AL IM 157-1 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-3 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-4 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN: IO-Link Master",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200S (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC IPC Support, Package for VxWorks",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 HR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 SR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 UR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF180C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF182C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF600R family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION P",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1 Lean",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SOFTNET-IE PNIO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit\ninternal resource allocation when multiple legitimate diagnostic package\nrequests are sent to the DCE-RPC interface.\nThis could lead to a denial of service condition due to lack of memory\nfor devices that include a vulnerable version of the stack.\n\nThe security vulnerability could be exploited by an attacker with network\naccess to an affected device. Successful exploitation requires no system\nprivileges and no user interaction. An attacker could use the vulnerability\nto compromise the availability of the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-09T12:03:58.088Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-780073.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-13946",
    "datePublished": "2020-02-11T15:36:10",
    "dateReserved": "2019-07-18T00:00:00",
    "dateUpdated": "2024-08-05T00:05:44.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-4843 (GCVE-0-2018-4843)

Vulnerability from cvelistv5 – Published: 2018-03-20 14:00 – Updated: 2024-08-05 05:18
VLAI?
Summary
A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC S7-400 CPU 414-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC S7-400 CPU 414F-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC S7-400 CPU 416-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC S7-400 CPU 416F-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC CP 343-1 (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Advanced Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM154-8 PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM154-8F PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM154-8FX PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC ET 200S IM151-8 PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC ET 200S IM151-8F PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: All versions < V1.7.0
Create a notification for this product.
    Siemens SIMATIC S7-1500 Software Controller Affected: All versions < V1.7.0
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 314C-2 PN/DP Affected: All versions < V3.3.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 315-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 315F-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 315T-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 317-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 317F-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 317T-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 317TF-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 319-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU 319F-3 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIMATIC S7-400 CPU 412-2 PN V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) Affected: All versions < V6.0.9
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) Affected: All versions < V6.0.7
Create a notification for this product.
    Siemens SIMATIC S7-410 CPU family (incl. SIPLUS variants) Affected: All versions < V8.1
Create a notification for this product.
    Siemens SIMATIC WinAC RTX 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMATIC WinAC RTX F 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SINUMERIK 828D Affected: All versions < V4.7 SP6 HF1
Create a notification for this product.
    Siemens SIPLUS ET 200S IM151-8 PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS ET 200S IM151-8F PN/DP CPU Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS NET CP 443-1 Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIPLUS NET CP 443-1 Advanced Affected: All versions < V3.3
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 314C-2 PN/DP Affected: All versions < V3.3.16
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 315-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 315F-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 317-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS S7-300 CPU 317F-2 PN/DP Affected: All versions < V3.2.16
Create a notification for this product.
    Siemens SIPLUS S7-400 CPU 414-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens SIPLUS S7-400 CPU 416-3 PN/DP V7 Affected: All versions < V7.0.3
Create a notification for this product.
    Siemens Softnet PROFINET IO for PC-based Windows systems Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:18:26.626Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": " SIMATIC S7-400 CPU 414-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": " SIMATIC S7-400 CPU 414F-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": " SIMATIC S7-400 CPU 416-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": " SIMATIC S7-400 CPU 416F-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200S IM151-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200S IM151-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.7.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.7.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 314C-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315T-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317T-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 319-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 319F-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 CPU 412-2 PN V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.0.9"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.0.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V8.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX F 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200S IM151-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200S IM151-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 314C-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 315-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 315F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 317-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 317F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-400 CPU 414-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-400 CPU 416-3 PN/DP V7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Softnet PROFINET IO for PC-based Windows systems",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in  SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions \u003c V7.0.3),  SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions \u003c V7.0.3),  SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions \u003c V7.0.3),  SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions \u003c V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (All versions \u003c V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V1.7.0), SIMATIC S7-1500 Software Controller (All versions \u003c V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions \u003c V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions \u003c V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions \u003c V8.1), SIMATIC WinAC RTX 2010 (All versions \u003c V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions \u003c V2010 SP3), SINUMERIK 828D (All versions \u003c V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.2.16), SIPLUS NET CP 443-1 (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (All versions \u003c V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions \u003c V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions \u003c V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system.\r\n\r\nThe security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-09T11:50:59.460Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-4843",
    "datePublished": "2018-03-20T14:00:00",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-08-05T05:18:26.626Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-8673 (GCVE-0-2016-8673)

Vulnerability from cvelistv5 – Published: 2016-11-23 11:00 – Updated: 2024-08-06 02:27
VLAI?
Summary
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.244Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-12T19:08:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-8673",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-8673",
    "datePublished": "2016-11-23T11:00:00",
    "dateReserved": "2016-10-15T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-8672 (GCVE-0-2016-8672)

Vulnerability from cvelistv5 – Published: 2016-11-23 11:00 – Updated: 2024-08-06 02:27
VLAI?
Summary
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the "secure" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.274Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the \"secure\" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-12T19:08:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-8672",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the \"secure\" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-8672",
    "datePublished": "2016-11-23T11:00:00",
    "dateReserved": "2016-10-15T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-8214 (GCVE-0-2015-8214)

Vulnerability from cvelistv5 – Published: 2015-11-27 15:00 – Updated: 2024-08-06 08:13
VLAI?
Summary
A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs' configuration was stored on their corresponding CPUs.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:13:31.851Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "78345",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/78345"
          },
          {
            "name": "1034279",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions \u003c V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions \u003c V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions \u003c V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions \u003c V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions \u003c V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions \u003c V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions \u003c V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs\u0027 configuration was stored on their corresponding CPUs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-22T20:42:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "78345",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/78345"
        },
        {
          "name": "1034279",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8214",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions \u003c V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions \u003c V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions \u003c V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions \u003c V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions \u003c V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions \u003c V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions \u003c V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions \u003c V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs\u0027 configuration was stored on their corresponding CPUs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "78345",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/78345"
            },
            {
              "name": "1034279",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034279"
            },
            {
              "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8214",
    "datePublished": "2015-11-27T15:00:00",
    "dateReserved": "2015-11-16T00:00:00",
    "dateUpdated": "2024-08-06T08:13:31.851Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}