Simatic Drive Controller Cpu 1504D Tf Firmware
CVE-2023-46156
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from Vendor (siemens) · only source for this CVE.
CVSS VectorVendor: siemens
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations.
AnalysisAI
Affected devices improperly handle specially crafted packets sent to port 102/tcp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations. Affected products include: Siemens Simatic Drive Controller Cpu 1504D Tf Firmware, Siemens Simatic Drive Controller Cpu 1507D Tf Firmware, Siemens Simatic Et 200Sp Open Control 1515Sp Pc2 Firmware, Siemens Simatic S7-1500 Cpu 1510Sp F-1 Pn Firmware, Siemens Simatic S7-1500 Cpu 1510Sp-1 Pn Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could ca
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Co
The login endpoint /FormLogin in affected web services does not apply proper origin checking. Rated medium severity (CVS
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allShare
External POC / Exploit Code
Leaving vuln.today