Lucene search

SiemensCVE-2023-46283

HistoryDec 12, 2023 - 12:15 p.m.

CVE-2023-46283

2023-12-1212:15:14

CWE-120

siemens

web.nvd.nist.gov

cve

46283

siemens

opcenter quality

simatic pcs neo

sinumerik

tia portal

buffer overflow

security vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.7

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

Affected configurations

Nvd

Node

siemensopcenter_qualityMatch-

siemenssimatic_pcs_neoRange<4.1

siemenssinumerik_integrate_runmyhmi_\/automotiveMatch-

siemenstotally_integrated_automation_portalRange14.0–15

siemenstotally_integrated_automation_portalRange15–16

siemenstotally_integrated_automation_portalRange16–17

siemenstotally_integrated_automation_portalRange17–18

siemenstotally_integrated_automation_portalMatch-

siemenstotally_integrated_automation_portalMatch18

siemenstotally_integrated_automation_portalMatch18update_1

VendorProductVersionCPE
siemensopcenter_quality-cpe:2.3:a:siemens:opcenter_quality:-:*:*:*:*:*:*:*
siemenssimatic_pcs_neo*cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*
siemenssinumerik_integrate_runmyhmi_\/automotive-cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\/automotive:-:*:*:*:*:*:*:*
siemenstotally_integrated_automation_portal*cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*
siemenstotally_integrated_automation_portal-cpe:2.3:a:siemens:totally_integrated_automation_portal:-:*:*:*:*:*:*:*
siemenstotally_integrated_automation_portal18cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*
siemenstotally_integrated_automation_portal18cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	opcenter_quality	-	cpe:2.3:a:siemens:opcenter_quality:-:::::::*
siemens	simatic_pcs_neo	*	cpe:2.3:a:siemens:simatic_pcs_neo::::::::
siemens	sinumerik_integrate_runmyhmi_\/automotive	-	cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\/automotive:-:::::::*
siemens	totally_integrated_automation_portal	*	cpe:2.3:a:siemens:totally_integrated_automation_portal::::::::
siemens	totally_integrated_automation_portal	-	cpe:2.3:a:siemens:totally_integrated_automation_portal:-:::::::*
siemens	totally_integrated_automation_portal	18	cpe:2.3:a:siemens:totally_integrated_automation_portal:18:::::::*
siemens	totally_integrated_automation_portal	18	cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1::::::

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "Opcenter Quality",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2312",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC PCS neo",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SINEC NMS",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.0 SP1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Totally Integrated Automation Portal (TIA Portal) V14",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Totally Integrated Automation Portal (TIA Portal) V15.1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Totally Integrated Automation Portal (TIA Portal) V16",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Totally Integrated Automation Portal (TIA Portal) V17",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V17 Update 8",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Totally Integrated Automation Portal (TIA Portal) V18",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V18 Update 3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

cert-portal.siemens.com/productcert/html/ssa-999588.html

cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.7

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

Related for CVE-2023-46283