Description
A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
E
Physical
RL
Unchanged
RC
Changed
Affected products
- Siemens / SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)All versions – All versions
- Siemens / SIMATIC CP 343-1 ERPCAll versions – All versions
- Siemens / SIMATIC CP 343-1 (incl. SIPLUS variants)All versions – All versions
- Siemens / SIMATIC CP 343-1 Lean (incl. SIPLUS variants)All versions – All versions
- Siemens / SIMATIC CP 443-1All versions < V3.3 – All versions < V3.3
- Siemens / SIMATIC CP 443-1 AdvancedAll versions < V3.3 – All versions < V3.3
- Siemens / SIPLUS NET CP 443-1All versions < V3.3 – All versions < V3.3
- Siemens / SIPLUS NET CP 443-1 AdvancedAll versions < V3.3 – All versions < V3.3