VDB

ICSA-21-257-15

ICSA-21-257-15 PUBLISHED CVSS 7.5 HIGH

A denial of service vulnerability was identified in different types of Communication Processors. An attacker could exploit this vulnerability causing the device to become un-operational until the device is restarted. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.

Risk Scores

CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C

Affected Products

VendorProductVersions
SIMATIC CP 343-1 ERPC (6GK7343-1FX00-0XE0)
SIMATIC CP 443-1 (6GK7443-1EX30-0XE1)
SIMATIC CP 343-1 (incl. SIPLUS variants)
SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0)
SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0)
SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)
SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0)
SIMATIC CP 443-1 (6GK7443-1EX30-0XE0)
SIMATIC CP 343-1 Lean (incl. SIPLUS variants)

Timeline

  • Sep 14, 2021 CVE Published
  • May 6, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›