VDB
SSA-423808
SSA-423808
PUBLISHED
CVSS 5.900000095367432 MEDIUM
Multiple NULL pointer dereference vulnerabilities in the affected products could allow an attacker with network access to the webserver, to perform a denial of service attack. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
Risk Scores
CVSS v3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SIMATIC IPC DiagMonitor | ||
| SIMATIC CP 1243-1 (incl. SIPLUS variants) | ||
| SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) | ||
| SIMATIC WinCC Runtime Advanced | ||
| SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) | ||
| TIM 1531 IRC (6GK7543-1MX00-0XE0) | ||
| SIMATIC HMI Comfort Panels (incl. SIPLUS variants) | ||
| SIMATIC CP 1243-7 LTE | ||
| SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) | ||
| SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) | ||
| SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) | ||
| SIMATIC IPC DiagBase |
Timeline
- Sep 10, 2024 CVE Published