// For flags

CVE-2020-7587

 

Severity Score

8.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.

Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD&amp;L (V8.0), SIMATIC IT LMS (Todas las versiones anteriores a V2.6), SIMATIC IT Production Suite (Todas las versiones anteriores a V8. 0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15. 1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). El envío de múltiples paquetes especialmente diseñados al servicio afectado podría causar una denegación de servicio remota parcial, que haría que el servicio se reiniciara. En algunos casos la vulnerabilidad podría filtrar información aleatoria del servicio remoto

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
Low
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-01-21 CVE Reserved
  • 2020-07-14 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-10-09 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
Opcenter Execution Discrete
Search vendor "Siemens" for product "Opcenter Execution Discrete"
< 3.2
Search vendor "Siemens" for product "Opcenter Execution Discrete" and version " < 3.2"
-
Affected
Siemens
Search vendor "Siemens"
Opcenter Execution Foundation
Search vendor "Siemens" for product "Opcenter Execution Foundation"
< 3.2
Search vendor "Siemens" for product "Opcenter Execution Foundation" and version " < 3.2"
-
Affected
Siemens
Search vendor "Siemens"
Opcenter Execution Process
Search vendor "Siemens" for product "Opcenter Execution Process"
< 3.2
Search vendor "Siemens" for product "Opcenter Execution Process" and version " < 3.2"
-
Affected
Siemens
Search vendor "Siemens"
Opcenter Intelligence
Search vendor "Siemens" for product "Opcenter Intelligence"
< 3.3
Search vendor "Siemens" for product "Opcenter Intelligence" and version " < 3.3"
-
Affected
Siemens
Search vendor "Siemens"
Opcenter Quality
Search vendor "Siemens" for product "Opcenter Quality"
< 11.3
Search vendor "Siemens" for product "Opcenter Quality" and version " < 11.3"
-
Affected
Siemens
Search vendor "Siemens"
Opcenter Rd\&l
Search vendor "Siemens" for product "Opcenter Rd\&l"
8.0
Search vendor "Siemens" for product "Opcenter Rd\&l" and version "8.0"
-
Affected
Siemens
Search vendor "Siemens"
Simatic It Lms
Search vendor "Siemens" for product "Simatic It Lms"
< 2.6
Search vendor "Siemens" for product "Simatic It Lms" and version " < 2.6"
-
Affected
Siemens
Search vendor "Siemens"
Simatic It Production Suite
Search vendor "Siemens" for product "Simatic It Production Suite"
< 8.0
Search vendor "Siemens" for product "Simatic It Production Suite" and version " < 8.0"
-
Affected
Siemens
Search vendor "Siemens"
Simatic Notifier Server
Search vendor "Siemens" for product "Simatic Notifier Server"
*windows
Affected
Siemens
Search vendor "Siemens"
Simatic Pcs Neo
Search vendor "Siemens" for product "Simatic Pcs Neo"
< 3.0
Search vendor "Siemens" for product "Simatic Pcs Neo" and version " < 3.0"
-
Affected
Siemens
Search vendor "Siemens"
Simatic Pcs Neo
Search vendor "Siemens" for product "Simatic Pcs Neo"
3.0
Search vendor "Siemens" for product "Simatic Pcs Neo" and version "3.0"
-
Affected
Siemens
Search vendor "Siemens"
Simatic Step 7
Search vendor "Siemens" for product "Simatic Step 7"
>= 15 < 15.1
Search vendor "Siemens" for product "Simatic Step 7" and version " >= 15 < 15.1"
-
Affected
Siemens
Search vendor "Siemens"
Simatic Step 7
Search vendor "Siemens" for product "Simatic Step 7"
15.1
Search vendor "Siemens" for product "Simatic Step 7" and version "15.1"
-
Affected
Siemens
Search vendor "Siemens"
Simatic Step 7
Search vendor "Siemens" for product "Simatic Step 7"
16
Search vendor "Siemens" for product "Simatic Step 7" and version "16"
-
Affected
Siemens
Search vendor "Siemens"
Simatic Step 7
Search vendor "Siemens" for product "Simatic Step 7"
16
Search vendor "Siemens" for product "Simatic Step 7" and version "16"
update1
Affected
Siemens
Search vendor "Siemens"
Simocode Es
Search vendor "Siemens" for product "Simocode Es"
< 15.1
Search vendor "Siemens" for product "Simocode Es" and version " < 15.1"
-
Affected
Siemens
Search vendor "Siemens"
Simocode Es
Search vendor "Siemens" for product "Simocode Es"
15.1
Search vendor "Siemens" for product "Simocode Es" and version "15.1"
-
Affected
Siemens
Search vendor "Siemens"
Simocode Es
Search vendor "Siemens" for product "Simocode Es"
16
Search vendor "Siemens" for product "Simocode Es" and version "16"
-
Affected
Siemens
Search vendor "Siemens"
Soft Starter Es
Search vendor "Siemens" for product "Soft Starter Es"
< 15.1
Search vendor "Siemens" for product "Soft Starter Es" and version " < 15.1"
-
Affected
Siemens
Search vendor "Siemens"
Soft Starter Es
Search vendor "Siemens" for product "Soft Starter Es"
15.1
Search vendor "Siemens" for product "Soft Starter Es" and version "15.1"
-
Affected