Skip to main content

Simatic Cloud Connect 7 Cc712 Firmware CVE-2023-28831

HIGH
Integer Overflow or Wraparound (CWE-190)
2023-09-12 productcert@siemens.com
Integer Overflow Denial Of Service Simatic Cloud Connect 7 Cc712 Firmware Simatic Cloud Connect 7 Cc716 Firmware Simatic Drive Controller Cpu 1504D Tf Firmware Simatic Drive Controller Cpu 1507D Tf Firmware Simatic Et 200Sp Open Controller Cpu Firmware Simatic S7 1200 Cpu Firmware Simatic S7 1500 Cpu 1510Sp 1 Pn Firmware Simatic S7 1500 Cpu 1510Sp F 1 Pn Firmware Simatic S7 1500 Cpu 1511 1 Pn Firmware Simatic S7 1500 Cpu 1511C 1 Pn Firmware Simatic S7 1500 Cpu 1511F 1 Pn Firmware Simatic S7 1500 Cpu 1511T 1 Pn Firmware Simatic S7 1500 Cpu 1511Tf 1 Pn Firmware Simatic S7 1500 Cpu 1512C 1 Pn Firmware Simatic S7 1500 Cpu 1512Sp 1 Pn Firmware Simatic S7 1500 Cpu 1512Sp F 1 Pn Firmware Simatic S7 1500 Cpu 1513 1 Pn Firmware Simatic S7 1500 Cpu 1513F 1 Pn Firmware Simatic S7 1500 Cpu 1513R 1 Pn Firmware Simatic S7 1500 Cpu 1514Sp 2 Pn Firmware Simatic S7 1500 Cpu 1514Sp F 2 Pn Firmware Simatic S7 1500 Cpu 1514Spt 2 Pn Firmware Simatic S7 1500 Cpu 1514Spt F 2 Pn Firmware Simatic S7 1500 Cpu 1515 2 Pn Firmware Simatic S7 1500 Cpu 1515F 2 Pn Firmware Simatic S7 1500 Cpu 1515R 2 Pn Firmware Simatic S7 1500 Cpu 1515T 2 Pn Firmware Simatic S7 1500 Cpu 1515Tf 2 Pn Firmware Simatic S7 1500 Cpu 1516 3 Pn Dp Firmware Simatic S7 1500 Cpu 1516F 3 Pn Dp Firmware Simatic S7 1500 Cpu 1516T 3 Pn Dp Firmware Simatic S7 1500 Cpu 1516Tf 3 Pn Dp Firmware Simatic S7 1500 Cpu 1517 3 Pn Dp Firmware Simatic S7 1500 Cpu 1517F 3 Pn Dp Firmware Simatic S7 1500 Cpu 1517H 3 Pn Firmware Simatic S7 1500 Cpu 1517T 3 Pn Dp Firmware Simatic S7 1500 Cpu 1517Tf 3 Pn Dp Firmware Simatic S7 1500 Cpu 1518 4 Pn Dp Firmware Simatic S7 1500 Cpu 1518 4 Pn Dp Mfp Firmware Simatic S7 1500 Cpu 1518F 4 Pn Dp Firmware Simatic S7 1500 Cpu 1518F 4 Pn Dp Mfp Firmware Simatic S7 1500 Cpu 1518Hf 4 Pn Firmware Simatic S7 1500 Cpu 1518T 4 Pn Dp Firmware Simatic S7 1500 Cpu 1518Tf 4 Pn Dp Firmware Simatic S7 1500 Cpu S7 1518 4 Pn Dp Odk Firmware Simatic S7 1500 Cpu S7 1518F 4 Pn Dp Odk Firmware Simatic S7 1500 Et 200Pro Firmware Simatic S7 1500 Software Controller Firmware Simatic S7 Plcsim Advanced Firmware Siplus Et 200Sp Cpu 1510Sp 1 Pn Firmware Siplus Et 200Sp Cpu 1510Sp 1 Pn Rail Firmware Siplus Et 200Sp Cpu 1510Sp F 1 Pn Firmware Siplus Et 200Sp Cpu 1510Sp F 1 Pn Rail Firmware Siplus Et 200Sp Cpu 1512Sp 1 Pn Firmware Siplus Et 200Sp Cpu 1512Sp 1 Pn Rail Firmware Siplus Et 200Sp Cpu 1512Sp F 1 Pn Firmware Siplus Et 200Sp Cpu 1512Sp F 1 Pn Rail Firmware Siplus S7 1500 Cpu 1511 1 Pn Firmware Siplus S7 1500 Cpu 1511 1 Pn T1 Rail Firmware Siplus S7 1500 Cpu 1511 1 Pn Tx Rail Firmware Siplus S7 1500 Cpu 1511F 1 Pn Firmware Siplus S7 1500 Cpu 1513 1 Pn Firmware Siplus S7 1500 Cpu 1513F 1 Pn Firmware Siplus S7 1500 Cpu 1515F 2 Pn Firmware Siplus S7 1500 Cpu 1515F 2 Pn Rail Firmware Siplus S7 1500 Cpu 1515F 2 Pn T2 Rail Firmware Siplus S7 1500 Cpu 1515R 2 Pn Firmware Siplus S7 1500 Cpu 1515R 2 Pn Tx Rail Firmware Siplus S7 1500 Cpu 1516 3 Pn Dp Firmware Siplus S7 1500 Cpu 1516 3 Pn Dp Rail Firmware Siplus S7 1500 Cpu 1516 3 Pn Dp Tx Rail Firmware Siplus S7 1500 Cpu 1516F 3 Pn Dp Firmware Siplus S7 1500 Cpu 1516F 3 Pn Dp Rail Firmware Siplus S7 1500 Cpu 1517H 3 Pn Firmware Siplus S7 1500 Cpu 1518 4 Pn Dp Firmware Siplus S7 1500 Cpu 1518 4 Pn Dp Mfp Firmware Siplus S7 1500 Cpu 1518F 4 Pn Dp Firmware Siplus S7 1500 Cpu 1518Hf 4 Pn Firmware
8.7
CVSS 4.0 · Vendor: siemens
Share

Severity by source

Vendor (siemens) PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (siemens) · only source for this CVE.

CVSS VectorVendor: siemens

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
CVE Published
Sep 12, 2023 - 10:15 cve.org
HIGH 8.7

DescriptionCVE.org

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.

This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.

AnalysisAI

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Affected products include: Siemens Simatic Cloud Connect 7 Cc712 Firmware, Siemens Simatic Cloud Connect 7 Cc716 Firmware, Siemens Simatic Drive Controller Cpu 1504D Tf Firmware, Siemens Simatic Drive Controller Cpu 1507D Tf Firmware, Siemens Simatic Et 200Sp Open Controller Cpu Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.

Share

CVE-2023-28831 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy