A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINUMERIK MC (All versions < V6.21), SINUMERIK ONE (All versions < V6.21). Affected products protect the built-in global private key in a way that cannot be considered sufficient any longer. The key is used for the legacy protection of confidential configuration data and the legacy PG/PC and HMI communication. This could allow attackers to discover the private key of a CPU product family by an offline attack against a single CPU of the family. Attackers could then use this knowledge to extract confidential configuration data from projects that are protected by that key or to perform attacks against legacy PG/PC and HMI communication.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HSiemens Simatic Drive Controller Cpu 1504d Tf
HWSiemenswszystkie wersjeSiemens Simatic Drive Controller Cpu 1504d Tf Firmware
OSSiemens< 2.9.2Siemens Simatic Drive Controller Cpu 1507d Tf
HWSiemenswszystkie wersjeSiemens Simatic Drive Controller Cpu 1507d Tf Firmware
OSSiemens< 2.9.2Siemens Simatic Et 200 Open Controller Cpu 1515sp Pc
HWSiemenswszystkie wersjeSiemens Simatic Et 200 Open Controller Cpu 1515sp Pc2
HWSiemenswszystkie wersjeSiemens Simatic Et 200 Sp Open Controller Cpu 1515sp Pc2 Firmware
OSSiemens< 21.9Siemens Simatic Et 200 Sp Open Controller Cpu 1515sp Pc Firmware
OSSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1211c
HWSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1211c Firmware
OSSiemens< 4.5.0Siemens Simatic S7 1200 Cpu 12 1212c
HWSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1212c Firmware
OSSiemens< 4.5.0Siemens Simatic S7 1200 Cpu 12 1212fc
HWSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1212fc Firmware
OSSiemens< 4.5.0Siemens Simatic S7 1200 Cpu 12 1214c
HWSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1214c Firmware
OSSiemens< 4.5.0Siemens Simatic S7 1200 Cpu 12 1214fc
HWSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1214fc Firmware
OSSiemens< 4.5.0Siemens Simatic S7 1200 Cpu 12 1215c
HWSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1215c Firmware
OSSiemens< 4.5.0Siemens Simatic S7 1200 Cpu 12 1215fc
HWSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1215fc Firmware
OSSiemens< 4.5.0Siemens Simatic S7 1200 Cpu 12 1217c
HWSiemenswszystkie wersjeSiemens Simatic S7 1200 Cpu 12 1217c Firmware
OSSiemens< 4.5.0Siemens Simatic S7 1500 Cpu 1510sp
HWSiemenswszystkie wersjeSiemens Simatic S7 1500 Cpu 1510sp 1
HWSiemenswszystkie wersjeSiemens Simatic S7 1500 Cpu 1510sp 1 Firmware
OSSiemens< 2.9.2Siemens Simatic S7 1500 Cpu 1510sp Firmware
OSSiemens< 2.9.2Siemens Simatic S7 1500 Cpu 1511 1
HWSiemenswszystkie wersjeSiemens Simatic S7 1500 Cpu 1511 1 Firmware
OSSiemens< 2.9.2
Powiązane podatności
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200...
Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attack...
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability tha...
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could all...
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Por...