Lucene search

[email protected]NVD:CVE-2020-15783

HistoryNov 12, 2020 - 8:15 p.m.

CVE-2020-15783

2020-11-1220:15:16

CWE-400

[email protected]

web.nvd.nist.gov

simatic s7-300

simatic tdc cpu555

sinumerik 840d sl

denial-of-service

cold restart

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.

Affected configurations

Nvd

Node

siemenssinumerik_840d_slMatch-

AND

siemenssinumerik_840d_sl_firmware

Node

siemenssimatic_s7-300_cpu_312Match-

AND

siemenssimatic_s7-300_cpu_312_firmware

Node

siemenssimatic_s7-300_cpu_314Match-

AND

siemenssimatic_s7-300_cpu_314_firmware

Node

siemenssimatic_s7-300_cpu_315-2_dpMatch-

AND

siemenssimatic_s7-300_cpu_315-2_dp_firmware

Node

siemenssimatic_s7-300_cpu_315-2_pnMatch-

AND

siemenssimatic_s7-300_cpu_315-2_pn_firmware

Node

siemenssimatic_s7-300_cpu_317-2_pnMatch-

AND

siemenssimatic_s7-300_cpu_317-2_pn_firmware

Node

siemenssimatic_s7-300_cpu_317-2_dpMatch-

AND

siemenssimatic_s7-300_cpu_317-2_dp_firmware

Node

siemenssimatic_s7-300_cpu_315f-2_dpMatch-

AND

siemenssimatic_s7-300_cpu_315f-2_dp_firmware

Node

siemenssimatic_s7-300_cpu_315f-2_pn_firmware

AND

siemenssimatic_s7-300_cpu_315f-2_pnMatch-

Node

siemenssimatic_s7-300_cpu_317f-2_pn_firmware

AND

siemenssimatic_s7-300_cpu_317f-2_pnMatch-

Node

siemenssimatic_s7-300_cpu_317f-2_dp_firmware

AND

siemenssimatic_s7-300_cpu_317f-2_dpMatch-

Node

siemenssimatic_tdc_cpu555_firmware

AND

siemenssimatic_tdc_cpu555Match-

VendorProductVersionCPE
siemenssinumerik_840d_sl-cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*
siemenssinumerik_840d_sl_firmware*cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7-300_cpu_312-cpe:2.3:h:siemens:simatic_s7-300_cpu_312:-:*:*:*:*:*:*:*
siemenssimatic_s7-300_cpu_312_firmware*cpe:2.3:o:siemens:simatic_s7-300_cpu_312_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7-300_cpu_314-cpe:2.3:h:siemens:simatic_s7-300_cpu_314:-:*:*:*:*:*:*:*
siemenssimatic_s7-300_cpu_314_firmware*cpe:2.3:o:siemens:simatic_s7-300_cpu_314_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7-300_cpu_315-2_dp-cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_dp:-:*:*:*:*:*:*:*
siemenssimatic_s7-300_cpu_315-2_dp_firmware*cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_dp_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7-300_cpu_315-2_pn-cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_pn:-:*:*:*:*:*:*:*
siemenssimatic_s7-300_cpu_315-2_pn_firmware*cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_pn_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	sinumerik_840d_sl	-	cpe:2.3:h:siemens:sinumerik_840d_sl:-:::::::*
siemens	sinumerik_840d_sl_firmware	*	cpe:2.3:o:siemens:sinumerik_840d_sl_firmware::::::::
siemens	simatic_s7-300_cpu_312	-	cpe:2.3:h:siemens:simatic_s7-300_cpu_312:-:::::::*
siemens	simatic_s7-300_cpu_312_firmware	*	cpe:2.3:o:siemens:simatic_s7-300_cpu_312_firmware::::::::
siemens	simatic_s7-300_cpu_314	-	cpe:2.3:h:siemens:simatic_s7-300_cpu_314:-:::::::*
siemens	simatic_s7-300_cpu_314_firmware	*	cpe:2.3:o:siemens:simatic_s7-300_cpu_314_firmware::::::::
siemens	simatic_s7-300_cpu_315-2_dp	-	cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_dp:-:::::::*
siemens	simatic_s7-300_cpu_315-2_dp_firmware	*	cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_dp_firmware::::::::
siemens	simatic_s7-300_cpu_315-2_pn	-	cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_pn:-:::::::*
siemens	simatic_s7-300_cpu_315-2_pn_firmware	*	cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_pn_firmware::::::::

Rows per page:

1-10 of 241

References

cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

Related for NVD:CVE-2020-15783

cve1 nessus2 prion1 ics1 cvelist1