CVE-2020-7586

🗓️ 10 Jun 2020 16:23:52Reported by siemensType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 52 Views

A buffer overflow vulnerability in SIMATIC PCS 7, SIMATIC PDM, SIMATIC STEP 7, and SINAMICS STARTER could lead to a Denial-of-Service

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2020-7586	10 Jun 202016:23	–	cvelist
EUVD	EUVD-2020-28711	7 Oct 202500:30	–	euvd
ICS	Siemens SIMATIC, SINAMICS (Update C)	9 Jun 202000:00	–	ics
NCSC	Vulnerabilities fixed in Siemens vulnerabilities	8 Dec 202000:00	–	ncsc
NCSC	Vulnerabilities fixed in Siemens products	13 Apr 202100:00	–	ncsc
NVD	CVE-2020-7586	10 Jun 202017:15	–	nvd
Prion	Buffer overflow	10 Jun 202017:15	–	prion
RedhatCVE	CVE-2020-7586	9 Jan 202609:59	–	redhatcve

NVD

Node

siemens simatic_pcs_7

siemens simatic_process_device_manager

siemens simatic_step_7Range<5.6

siemens simatic_step_7Match5.6-

siemens simatic_step_7Match5.6sp1

siemens simatic_step_7Match5.6sp2

siemens simatic_step_7Match5.6sp2_hotfix1

siemens sinamics_starterRange<5.4

siemens sinamics_starterMatch5.4-

[
  {
    "product": "SIMATIC PCS 7 V8.2 and earlier",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC PCS 7 V9.0",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V9.0 SP3"
      }
    ]
  },
  {
    "product": "SIMATIC PDM",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V9.2"
      }
    ]
  },
  {
    "product": "SIMATIC STEP 7 V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.6 SP2 HF3"
      }
    ]
  },
  {
    "product": "SINAMICS STARTER (containing STEP 7 OEM version)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.4 HF2"
      }
    ]
  }
]

Source	Link
us-cert	www.us-cert.cisa.gov/ics/advisories/icsa-20-161-05
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf
us-cert	www.us-cert.gov/ics/advisories/icsa-20-161-05

21 Nov 2024 05:37Current

7.5High risk

Vulners AI Score7.5

CVSS 24.6

CVSS 3.17.8

EPSS0.00151