QID 590853

Date Published: 2022-06-23

QID 590853: Siemens SIMATIC S7-400 Vulnerability (icsa-22-104-12) (ssa-557541)

3.1 AFFECTED PRODUCTS
The following Siemens S7-400 products are affected
SIMATIC S7-400 HV6 CPU family (incl. SIPLUS variants): All versions prior to v6.0.10
SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants): All versions
SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants): All versions
SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants): All versions prior to v10.1

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Successful exploitation of this vulnerability could allow an attacker to create a denial-of-service condition.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 5 severity.
  • Solution

    Customers are advised to refer to CERT MITIGATIONS section icsa-22-104-12 for affected packages and patching details.

    Vendor References

    CVEs related to QID 590853

    Software Advisories
    Advisory ID Software Component Link
    icsa-22-104-12 URL Logo www.cisa.gov/uscert/ics/advisories/icsa-22-104-12