A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call)
communication protocol in the affected products do not
properly handle certain unorganized RPC messages. An
attacker could use this vulnerability to cause a denial of service
condition in the RPC server.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Siemens |
|
Configuration 1 [-]
|
No data.
References
History
Fri, 18 Oct 2024 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens openpcs 7 Siemens simatic Batch Siemens simatic Pcs 7 Siemens simatic Route Control Siemens simatic Wincc Siemens simatic Wincc Runtime Professional |
|
| CPEs | cpe:2.3:a:siemens:openpcs_7:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_batch:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc:8.0:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_professional:19:*:*:*:*:*:*:* |
|
| Vendors & Products |
Siemens
Siemens openpcs 7 Siemens simatic Batch Siemens simatic Pcs 7 Siemens simatic Route Control Siemens simatic Wincc Siemens simatic Wincc Runtime Professional |
Tue, 10 Sep 2024 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain unorganized RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. | A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain unorganized RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. |
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-02-13T08:59:55.432Z
Updated: 2024-09-10T09:36:22.958Z
Reserved: 2023-11-15T17:20:32.751Z
Link: CVE-2023-48363
Vulnrichment
Updated: 2024-08-02T21:30:34.556Z
NVD
Status : Modified
Published: 2024-02-13T09:15:45.763
Modified: 2024-11-21T08:31:34.337
Link: CVE-2023-48363
Redhat
No data.