CRITICAL🇵🇱 Wersja polska

CVE-2022-34819

CVSS 10.0v3.1pub. 2022-07-12upd. 2024-11-21

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Siemens Simatic Cp 1242 7 V2

    HW
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1242 7 V2 Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1243 1

    HW
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1243 1 Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1243 7 Lte Eu

    HW
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1243 7 Lte Eu Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1243 7 Lte Us

    HW
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1243 7 Lte Us Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1243 8 Irc

    HW
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1243 8 Irc Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1542sp 1 Irc

    HW
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1542sp 1 Irc Firmware

    OS
    Siemens
    ≥ 2.0
  • Siemens Simatic Cp 1543 1

    HW
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1543 1 Firmware

    OS
    Siemens
    < 3.0.22
  • Siemens Simatic Cp 1543sp 1

    HW
    Siemens
    wszystkie wersje
  • Siemens Simatic Cp 1543sp 1 Firmware

    OS
    Siemens
    ≥ 2.0
  • Siemens Siplus Et 200sp Cp 1542sp 1 Irc Tx Rail

    HW
    Siemens
    wszystkie wersje
  • Siemens Siplus Et 200sp Cp 1542sp 1 Irc Tx Rail Firmware

    OS
    Siemens
    ≥ 2.0
  • Siemens Siplus Et 200sp Cp 1543sp 1 Isec

    HW
    Siemens
    wszystkie wersje
  • Siemens Siplus Et 200sp Cp 1543sp 1 Isec Firmware

    OS
    Siemens
    ≥ 2.0
  • Siemens Siplus Et 200sp Cp 1543sp 1 Isec Tx Rail

    HW
    Siemens
    wszystkie wersje
  • Siemens Siplus Et 200sp Cp 1543sp 1 Isec Tx Rail Firmware

    OS
    Siemens
    ≥ 2.0
  • Siemens Siplus Net Cp 1242 7 V2

    HW
    Siemens
    wszystkie wersje
  • Siemens Siplus Net Cp 1242 7 V2 Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Siplus Net Cp 1543 1

    HW
    Siemens
    wszystkie wersje
  • Siemens Siplus Net Cp 1543 1 Firmware

    OS
    Siemens
    < 3.0.22
  • Siemens Siplus S7 1200 Cp 1243 1

    HW
    Siemens
    wszystkie wersje
  • Siemens Siplus S7 1200 Cp 1243 1 Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Siplus S7 1200 Cp 1243 1 Rail

    HW
    Siemens
    wszystkie wersje
  • Siemens Siplus S7 1200 Cp 1243 1 Rail Firmware

    OS
    Siemens
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2019-12815CRITICAL9.8ten sam produkt

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and ...

CVE-2016-8562HIGH7.5⚠ KEVten sam produkt

A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All v...

CVE-2024-50310HIGH8.7ten sam produkt

A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < ...

CVE-2023-38380HIGH8.7ten sam produkt

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), ...

CVE-2022-43716HIGH7.5ten sam produkt

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIM...