Design/Logic Flaw

2019-04-1714:29:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.8%

JSON

The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.

The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.

CPENameOperatorVersion
simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmwarelt2.7
simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmwarelt2.1.6
simatic_hmi_comfort_outdoor_panels_firmwarelt15.1
simatic_hmi_comfort_outdoor_panels_firmwareeq15.1
simatic_hmi_comfort_panels_firmwarelt15.1
simatic_hmi_comfort_panels_firmwareeq15.1
simatic_hmi_ktp_mobile_panels_ktp400f_firmwarelt15.1
simatic_hmi_ktp_mobile_panels_ktp400f_firmwareeq15.1
simatic_hmi_ktp_mobile_panels_ktp700_firmwarelt15.1
simatic_hmi_ktp_mobile_panels_ktp700_firmwareeq15.1

Name	Operator	Version
simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware	lt	2.7
simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware	lt	2.1.6
simatic_hmi_comfort_outdoor_panels_firmware	lt	15.1
simatic_hmi_comfort_outdoor_panels_firmware	eq	15.1
simatic_hmi_comfort_panels_firmware	lt	15.1
simatic_hmi_comfort_panels_firmware	eq	15.1
simatic_hmi_ktp_mobile_panels_ktp400f_firmware	lt	15.1
simatic_hmi_ktp_mobile_panels_ktp400f_firmware	eq	15.1
simatic_hmi_ktp_mobile_panels_ktp700_firmware	lt	15.1
simatic_hmi_ktp_mobile_panels_ktp700_firmware	eq	15.1