A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HSiemens Simatic Cp 1543 1
HWSiemenswszystkie wersjeSiemens Simatic Cp 1543 1 Firmware
OSSiemens< 2.0.28Siemens Siplus Net Cp 1543 1
HWSiemenswszystkie wersjeSiemens Siplus Net Cp 1543 1 Firmware
OSSiemens< 2.0.28
CISA KEV — szczegółyi
- Dostawcai
- Siemens
- Produkti
- SIMATIC CP
- Data dodania do KEVi
- 3 marca 2022
- Termin remediation (USA)i
- 24 marca 2022(po terminie)
Zastosuj aktualizacje zgodnie z instrukcjami producenta.
▸ Pokaż oryginał (EN)
Apply updates per vendor instructions.
Luka w zarządzaniu uprawnieniami istnieje w procesorze komunikacyjnym Siemens SIMATIC (CP), która umożliwia uprzywilejowanemu atakującemu zdalne spowodowanie odmowy usługi.
▸ Pokaż oryginał (EN)
An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.
Powiązane podatności
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All v...
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and ...
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < ...
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All v...
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(...