Lucene search
China National Vulnerability DatabaseCNVD-2023-75575HistoryOct 11, 2023 - 12:00 a.m.
Siemens SIMATIC CP Device Uncontrolled Resource Consumption Vulnerability
2023-10-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
siemens
simatic
cp device
uncontrolled resource consumption
vulnerability
pci express
industrial ethernet
profinet
direct memory access
denial of service
physical power cycle
security issue
The SIMATIC CP 1623, CP 1626 and CP 1628 are PCI express cards for connection to industrial Ethernet. the SIMATIC CP 1604 and CP 1616 are PCI/PCI-104 cards for the connection of field devices to PROFINET industrial Ethernet. The Siemens SIMATIC CP devices are vulnerable to an uncontrolled resource consumption vulnerability due to the affected devices not being able to adequately control the sequential mapping of direct memory access (DMA) requests. An attacker could exploit this vulnerability to cause a denial of service on the host. A physical power cycle is required to get the system working again.
Related
cve
cve
CVE-2023-37195
2023-10-10 11:15:11
cvelist
cvelist
CVE-2023-37195
2023-10-10 10:21:24
nessus
nessus
nvd
nvd
CVE-2023-37195
2023-10-10 11:15:11
prion
prion
Design/Logic Flaw
2023-10-10 11:15:00
ics
ics
Siemens SIMATIC CP products
2023-10-12 12:00:00