Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-43768
HistoryApr 11, 2023 - 10:15 a.m.

CVE-2022-43768

2023-04-1110:15:00
CWE-770
[email protected]
web.nvd.nist.gov
30
cve-2022-43768
vulnerability
denial of service
simatic
siplus
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

33.4%

JSON

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.

CPENameOperatorVersion
siemens:simatic_cp_1242-7_v2_firmwaresiemens simatic cp 1242-7 v2 firmwareeq*
siemens:simatic_cp_1243-1_firmwaresiemens simatic cp 1243-1 firmwareeq*
siemens:simatic_cp_1243-1_dnp3_firmwaresiemens simatic cp 1243-1 dnp3 firmwareeq*
siemens:simatic_cp_1243-1_iec_firmwaresiemens simatic cp 1243-1 iec firmwareeq*
siemens:simatic_cp_1243-7_lte_eu_firmwaresiemens simatic cp 1243-7 lte eu firmwareeq*
siemens:simatic_cp_1243-7_lte_us_firmwaresiemens simatic cp 1243-7 lte us firmwareeq*
siemens:simatic_cp_1243-8_irc_firmwaresiemens simatic cp 1243-8 irc firmwareeq*
siemens:simatic_cp_1542sp-1_firmwaresiemens simatic cp 1542sp-1 firmwareeq*
siemens:simatic_cp_1542sp-1_irc_firmwaresiemens simatic cp 1542sp-1 irc firmwareeq*
siemens:simatic_cp_1543sp-1_firmwaresiemens simatic cp 1543sp-1 firmwareeq*
Rows per page:
1-10 of 241

Related

prion 1
cvelist 1
nessus 1
ics 1
prion
prion
Design/Logic Flaw
2023-04-11 10:15:00
cvelist
cvelist
CVE-2022-43768
2023-04-11 09:02:51
nessus
nessus
Siemens Industrial Products Allocation of Resources Without Limits or Throttling (CVE-2022-43768)
2023-05-02 00:00:00
ics
ics
Siemens Industrial Products
2023-04-13 12:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

33.4%

JSON
Related for CVE-2022-43768
prion1cvelist1nessus1ics1