Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could compromise the availability of the system by causing a denial-of-service condition.ĬVE-2019-19282 has been assigned to this vulnerability. SIMATIC WinCC v7.5: all versions prior to v7.5.1 Upd1Ĥ.2 VULNERABILITY OVERVIEW 4.2.1 INCORRECT CALCULATION OF BUFFER SIZE CWE-131.SIMATIC WinCC v7.4: all versions prior to v7.4 SP1 Update 14.SIMATIC WinCC (TIA Portal) v16: all versions prior to v16 Update 1.SIMATIC WinCC (TIA Portal) v15.1: all versions prior to v15.1 Update 5.SIMATIC WinCC (TIA Portal) v14: all versions.SIMATIC WinCC (TIA Portal) v13: all versions prior to v13 SP2.SIMATIC Route Control v9.0: all versions prior to v9.0 Upd4.SIMATIC Route Control v8.2: all versions.SIMATIC Route Control v8.1: all versions.SIMATIC PCS 7 v9.0: all versions prior to v9.0 SP3.SIMATIC NET PC Software: all versions prior to v16 update 1.SIMATIC NET PC Software v16: All versions prior to v16 Update 1.SIMATIC NET PC Software v15: All versions.SIMATIC NET PC Software v14: All versions prior to v14 SP1 Update 14.SIMATIC BATCH v9.0: all versions prior to v9.0 SP1 Upd5.OpenPCS 7 v9.0: all versions prior to v9.0 Upd3.The following versions of SIMATIC software are affected: Successful exploitation of this vulnerability could allow an attacker with network access to cause a denial-of-service condition. This updated advisory is a follow-up to the advisory update titled 20-042-06 Siemens SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC NET PC (Update F) that was published January 12, 2021, on the ICS webpage on 3. Vulnerability: Incorrect Calculation of Buffer Size.**Equipment:**SIMATIC PCS 7, SIMATIC WinCC, SIMATIC NET PC.CVSS v3 7.5 ***ATTENTION: **Exploitable remotely/low skill level to exploit.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |