QID 591419
QID 591419: SIMATIC NET CP Modules Denial of Service (DoS) Vulnerability (SSA-549234)
A denial of service vulnerability was identified in different types of Communication Processors of Siemens SIMATIC NET CP Modules.
The following versions of SIMATIC NET CP Modules, a communication processor, are affected:
SIMATIC CP 343-1 (incl. SIPLUS variants) all versions
SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) all versions
SIMATIC CP 343-1 ERPC (6GK7343-1FX00-0XE0): all versions
SIMATIC CP 343-1 Lean (incl. SIPLUS variants): all versions
SIMATIC CP 443-1 (incl. SIPLUS variants): all versions
SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0): all versions
SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0): all versions
QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning
On successful exploitation, An attacker could exploit this vulnerability causing the device to become un-operational until the device is restarted.
Workaround:
imit access to port 102/tcp to trusted users and systems only.
cert-portal.siemens.com/productcert/pdf/ssa-549234.pdfCVEs related to QID 591419
| Advisory ID | Software | Component | Link |
|---|