Siemens Cp1604 Improper Input Validation

2019-11-0800:00:00

www.tenable.com

0.001 Low

EPSS

Percentile

45.5%

JSON

A vulnerability has been identified in CP1604, CP1616, CP343-1 Advanced (incl. SIPLUS NET variants), CP443-1 (incl. SIPLUS NET variants), CP443-1 Advanced (incl. SIPLUS NET variants), CP443-1 OPC UA (incl. SIPLUS NET variants), RFID 181EIP, SIMATIC CP 1616 and CP 1604, SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variants), SIMATIC CP 443-1 (incl. SIPLUS NET variants), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variants), SIMATIC CP 443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200 SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F, SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (incl. SIPLUS variants), SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600 family, SIMATIC RF600R, SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP (incl. SIPLUS variants), SIMOCODE pro V PN (incl. SIPLUS variants), SINAMICS G130 V4.6 Control Unit, SINAMICS G130 V4.7 Control Unit, SINAMICS G130 V4.7 SP1 Control Unit, SINAMICS G130 V4.8 Control Unit, SINAMICS G130 V5.1 Control Unit, SINAMICS G130 V5.1 SP1 Control Unit, SINAMICS G150 V4.6 Control Unit, SINAMICS G150 V4.7 Control Unit, SINAMICS G150 V4.7 SP1 Control Unit, SINAMICS G150 V4.8 Control Unit, SINAMICS G150 V5.1 Control Unit, SINAMICS G150 V5.1 SP1 Control Unit, SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants), SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants), SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants), SINAMICS S150 V4.6 Control Unit, SINAMICS S150 V4.7 Control Unit, SINAMICS S150 V4.7 SP1 Control Unit, SINAMICS S150 V4.8 Control Unit, SINAMICS S150 V5.1 Control Unit, SINAMICS S150 V5.1 SP1 Control Unit, SINAMICS S210 V5.1 Control Unit, SINAMICS S210 V5.1 SP1 Control Unit, SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600 (incl. SIPLUS variants), TIM 1531 IRC (incl. SIPLUS NET variants), TIM 1531 IRC (incl. SIPLUS variants). The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

File data ot_500268.nasl

VendorProductVersionCPE
siemenscp1604_firmware*cpe:2.3:o:siemens:cp1604_firmware:*:*:*:*:*:*:*:*
siemenscp1604-cpe:2.3:h:siemens:cp1604:-:*:*:*:*:*:*:*
siemenscp1616_firmware*cpe:2.3:o:siemens:cp1616_firmware:*:*:*:*:*:*:*:*
siemenscp1616-cpe:2.3:h:siemens:cp1616:-:*:*:*:*:*:*:*
siemenssimatic_rf185c_firmware*cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rf185c-cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*
siemenssimatic_cp343-1_advanced_firmware*cpe:2.3:o:siemens:simatic_cp343-1_advanced_firmware:*:*:*:*:*:*:*:*
siemenssimatic_cp343-1_advanced-cpe:2.3:h:siemens:simatic_cp343-1_advanced:-:*:*:*:*:*:*:*
siemenssimatic_cp443-1_firmware*cpe:2.3:o:siemens:simatic_cp443-1_firmware:*:*:*:*:*:*:*:*
siemenssimatic_cp443-1-cpe:2.3:h:siemens:simatic_cp443-1:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	cp1604_firmware	*	cpe:2.3:o:siemens:cp1604_firmware::::::::
siemens	cp1604	-	cpe:2.3:h:siemens:cp1604:-:::::::*
siemens	cp1616_firmware	*	cpe:2.3:o:siemens:cp1616_firmware::::::::
siemens	cp1616	-	cpe:2.3:h:siemens:cp1616:-:::::::*
siemens	simatic_rf185c_firmware	*	cpe:2.3:o:siemens:simatic_rf185c_firmware::::::::
siemens	simatic_rf185c	-	cpe:2.3:h:siemens:simatic_rf185c:-:::::::*
siemens	simatic_cp343-1_advanced_firmware	*	cpe:2.3:o:siemens:simatic_cp343-1_advanced_firmware::::::::
siemens	simatic_cp343-1_advanced	-	cpe:2.3:h:siemens:simatic_cp343-1_advanced:-:::::::*
siemens	simatic_cp443-1_firmware	*	cpe:2.3:o:siemens:simatic_cp443-1_firmware::::::::
siemens	simatic_cp443-1	-	cpe:2.3:h:siemens:simatic_cp443-1:-:::::::*