CVE-2024-43647 - OpenCVE

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Siemens	Simatic S7-200 Smart Cpu Cr20s Simatic S7-200 Smart Cpu Cr30s Simatic S7-200 Smart Cpu Cr40 Simatic S7-200 Smart Cpu Cr40s Simatic S7-200 Smart Cpu Cr60 Simatic S7-200 Smart Cpu Cr60s Simatic S7-200 Smart Cpu Sr20 Simatic S7-200 Smart Cpu Sr30 Simatic S7-200 Smart Cpu Sr40 Simatic S7-200 Smart Cpu Sr60 Simatic S7-200 Smart Cpu St20 Simatic S7-200 Smart Cpu St30 Simatic S7-200 Smart Cpu St40 Simatic S7-200 Smart Cpu St60

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/html/ssa-969738.html

History

Tue, 10 Sep 2024 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Siemens Siemens simatic S7-200 Smart Cpu Cr20s Siemens simatic S7-200 Smart Cpu Cr30s Siemens simatic S7-200 Smart Cpu Cr40 Siemens simatic S7-200 Smart Cpu Cr40s Siemens simatic S7-200 Smart Cpu Cr60 Siemens simatic S7-200 Smart Cpu Cr60s Siemens simatic S7-200 Smart Cpu Sr20 Siemens simatic S7-200 Smart Cpu Sr30 Siemens simatic S7-200 Smart Cpu Sr40 Siemens simatic S7-200 Smart Cpu Sr60 Siemens simatic S7-200 Smart Cpu St20 Siemens simatic S7-200 Smart Cpu St30 Siemens simatic S7-200 Smart Cpu St40 Siemens simatic S7-200 Smart Cpu St60
CPEs		cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr20s:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr30s:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr40:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr40s:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr60:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr60s:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_sr20:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_sr30:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_sr40:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_sr60:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_st20:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_st30:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_st40:-:::::::* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_st60:-:::::::*
Vendors & Products		Siemens Siemens simatic S7-200 Smart Cpu Cr20s Siemens simatic S7-200 Smart Cpu Cr30s Siemens simatic S7-200 Smart Cpu Cr40 Siemens simatic S7-200 Smart Cpu Cr40s Siemens simatic S7-200 Smart Cpu Cr60 Siemens simatic S7-200 Smart Cpu Cr60s Siemens simatic S7-200 Smart Cpu Sr20 Siemens simatic S7-200 Smart Cpu Sr30 Siemens simatic S7-200 Smart Cpu Sr40 Siemens simatic S7-200 Smart Cpu Sr60 Siemens simatic S7-200 Smart Cpu St20 Siemens simatic S7-200 Smart Cpu St30 Siemens simatic S7-200 Smart Cpu St40 Siemens simatic S7-200 Smart Cpu St60
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 10 Sep 2024 09:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged.
Weaknesses		CWE-400
References		https://cert-portal.siemens.com/productcert/html/ssa-969738.html
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:T/RC:C'}` cvssV4_0 `{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2024-09-10T09:36:49.879Z

Updated: 2024-09-10T14:52:35.401Z

Reserved: 2024-08-14T05:49:17.278Z

Link: CVE-2024-43647

Vulnrichment

Updated: 2024-09-10T14:52:26.897Z

NVD

Status : Awaiting Analysis

Published: 2024-09-10T10:15:12.650

Modified: 2024-09-10T12:09:50.377

Link: CVE-2024-43647

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object