Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller (Update A)

🗓️ 10 Nov 2020 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics🔗 www.cisa.gov👁 42 Views

The Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller (Update A) advisory describes a vulnerability in affected products allowing uncontrolled resource consumption, leading to a denial-of-service condition, with a CVSS v3 base score of 5.9

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2020-15783	12 Nov 202022:32	–	circl
CNVD	Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller Denial of Service Vulnerability	11 Nov 202000:00	–	cnvd
CVE	CVE-2020-15783	12 Nov 202019:21	–	cve
Cvelist	CVE-2020-15783	12 Nov 202019:21	–	cvelist
EUVD	EUVD-2020-7766	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Siemens Simatic products	10 Aug 202100:00	–	ncsc
NVD	CVE-2020-15783	12 Nov 202020:15	–	nvd
Tenable Nessus	Siemens Sinumerik Uncontrolled Resource Consumption	10 Aug 202100:00	–	nessus
Tenable Nessus	Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller Uncontrolled Resource Consumption (CVE-2020-15783)	7 Feb 202200:00	–	nessus
Prion	Design/Logic Flaw	12 Nov 202020:15	–	prion

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/csaf/ssa-492828.json
cert-portal	www.cert-portal.siemens.com/productcert/txt/ssa-492828.txt
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-315-04.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-20-315-04
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf