Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-43716
HistoryApr 11, 2023 - 10:15 a.m.

CVE-2022-43716

2023-04-1110:15:00
CWE-416
[email protected]
web.nvd.nist.gov
27
cve-2022-43716
vulnerability
simatic
siplus
denial of service
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

33.4%

JSON

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.

CPENameOperatorVersion
siemens:simatic_cp_1242-7_v2_firmwaresiemens simatic cp 1242-7 v2 firmwareeq*
siemens:simatic_cp_1243-1_firmwaresiemens simatic cp 1243-1 firmwareeq*
siemens:simatic_cp_1243-1_dnp3_firmwaresiemens simatic cp 1243-1 dnp3 firmwareeq*
siemens:simatic_cp_1243-1_iec_firmwaresiemens simatic cp 1243-1 iec firmwareeq*
siemens:simatic_cp_1243-7_lte_eu_firmwaresiemens simatic cp 1243-7 lte eu firmwareeq*
siemens:simatic_cp_1243-7_lte_us_firmwaresiemens simatic cp 1243-7 lte us firmwareeq*
siemens:simatic_cp_1243-8_irc_firmwaresiemens simatic cp 1243-8 irc firmwareeq*
siemens:simatic_cp_1542sp-1_firmwaresiemens simatic cp 1542sp-1 firmwareeq*
siemens:simatic_cp_1542sp-1_irc_firmwaresiemens simatic cp 1542sp-1 irc firmwareeq*
siemens:simatic_cp_1543sp-1_firmwaresiemens simatic cp 1543sp-1 firmwareeq*
Rows per page:
1-10 of 241

Related

nessus 1
prion 1
cvelist 1
ics 1
nessus
nessus
Siemens Industrial Products Use After Free (CVE-2022-43716)
2023-05-02 00:00:00
prion
prion
Design/Logic Flaw
2023-04-11 10:15:00
cvelist
cvelist
CVE-2022-43716
2023-04-11 09:02:49
ics
ics
Siemens Industrial Products
2023-04-13 12:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

33.4%

JSON
Related for CVE-2022-43716
nessus1prion1cvelist1ics1