CVE-2023-29105 - OpenCVE

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS).

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	6gk1411-1ac00 6gk1411-1ac00 Firmware 6gk1411-5ac00 6gk1411-5ac00 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:siemens:6gk1411-1ac00_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk1411-1ac00:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:6gk1411-5ac00_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk1411-5ac00:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2023-05-09T11:51:32.057Z

Updated: 2024-08-02T14:00:15.875Z

Reserved: 2023-03-31T08:06:09.775Z

Link: CVE-2023-29105

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-05-09T13:15:17.627

Modified: 2023-05-15T18:36:17.447

Link: CVE-2023-29105

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29105", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "state": "PUBLISHED", "assignerShortName": "siemens", "dateReserved": "2023-03-31T08:06:09.775Z", "datePublished": "2023-05-09T11:51:32.057Z", "dateUpdated": "2024-08-02T14:00:15.875Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2023-05-09T11:51:32.057Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS)."}], "affected": [{"vendor": "Siemens", "product": "SIMATIC Cloud Connect 7 CC712", "versions": [{"version": "All versions >= V2.0 < V2.1", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC Cloud Connect 7 CC712", "versions": [{"version": "All versions < V2.1", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC Cloud Connect 7 CC716", "versions": [{"version": "All versions >= V2.0 < V2.1", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC Cloud Connect 7 CC716", "versions": [{"version": "All versions < V2.1", "status": "affected"}], "defaultStatus": "unknown"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "baseScore": 5.9, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-544", "description": "CWE-544: Missing Standardized Error Handling Mechanism", "type": "CWE"}]}], "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:15.875Z"}, "title": "CVE Program Container", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk1411-1ac00_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F167D4D5-349A-4A2B-90E8-7EF29991F135", "versionEndExcluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk1411-1ac00:-:*:*:*:*:*:*:*", "matchCriteriaId": "A62A87CC-250C-469E-9D2C-187271020EE6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk1411-5ac00_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DFB8EBF-5050-4AA9-8BD1-51CC51E9E4CB", "versionEndExcluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk1411-5ac00:-:*:*:*:*:*:*:*", "matchCriteriaId": "7804B194-FECA-4D73-9D49-4B7E8FD49258", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS)."}], "id": "CVE-2023-29105", "lastModified": "2023-05-15T18:36:17.447", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "productcert@siemens.com", "type": "Secondary"}]}, "published": "2023-05-09T13:15:17.627", "references": [{"source": "productcert@siemens.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-544"}], "source": "productcert@siemens.com", "type": "Primary"}]}