A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Siemens |
|
Configuration 1 [-]
|
No data.
References
History
Fri, 18 Oct 2024 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens openpcs 7 Siemens simatic Batch Siemens simatic Pcs 7 Siemens simatic Route Control Siemens simatic Wincc Siemens simatic Wincc Runtime Professional |
|
| CPEs | cpe:2.3:a:siemens:openpcs_7:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_batch:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc:8.0:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_professional:19:*:*:*:*:*:*:* |
|
| Vendors & Products |
Siemens
Siemens openpcs 7 Siemens simatic Batch Siemens simatic Pcs 7 Siemens simatic Route Control Siemens simatic Wincc Siemens simatic Wincc Runtime Professional |
Tue, 10 Sep 2024 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. | A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. |
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-02-13T08:59:56.648Z
Updated: 2024-09-10T09:36:24.190Z
Reserved: 2023-11-15T17:20:32.751Z
Link: CVE-2023-48364
Vulnrichment
Updated: 2024-08-02T21:30:34.447Z
NVD
Status : Modified
Published: 2024-02-13T09:15:45.980
Modified: 2024-11-21T08:31:34.503
Link: CVE-2023-48364
Redhat
No data.