CVE-2020-7588
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.
Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (Todas las versiones anteriores a V2.6), SIMATIC IT Production Suite (Todas las versiones anteriores a V8. 0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15. 1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). El envío de un paquete especialmente diseñado al servicio afectado podría causar una denegación de servicio remota parcial, que haría que el servicio se reiniciara
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-21 CVE Reserved
- 2020-07-14 CVE Published
- 2023-06-20 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf | 2023-01-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Opcenter Execution Discrete Search vendor "Siemens" for product "Opcenter Execution Discrete" | < 3.2 Search vendor "Siemens" for product "Opcenter Execution Discrete" and version " < 3.2" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Opcenter Execution Foundation Search vendor "Siemens" for product "Opcenter Execution Foundation" | < 3.2 Search vendor "Siemens" for product "Opcenter Execution Foundation" and version " < 3.2" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Opcenter Execution Process Search vendor "Siemens" for product "Opcenter Execution Process" | < 3.2 Search vendor "Siemens" for product "Opcenter Execution Process" and version " < 3.2" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Opcenter Intelligence Search vendor "Siemens" for product "Opcenter Intelligence" | * | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Opcenter Quality Search vendor "Siemens" for product "Opcenter Quality" | < 11.3 Search vendor "Siemens" for product "Opcenter Quality" and version " < 11.3" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Opcenter Rd\&l Search vendor "Siemens" for product "Opcenter Rd\&l" | 8.0 Search vendor "Siemens" for product "Opcenter Rd\&l" and version "8.0" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic It Lms Search vendor "Siemens" for product "Simatic It Lms" | * | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic It Production Suite Search vendor "Siemens" for product "Simatic It Production Suite" | * | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic Notifier Server Search vendor "Siemens" for product "Simatic Notifier Server" | * | windows |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic Pcs Neo Search vendor "Siemens" for product "Simatic Pcs Neo" | * | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7" | >= 15 <= 15.1 Search vendor "Siemens" for product "Simatic Step 7" and version " >= 15 <= 15.1" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7" | 16 Search vendor "Siemens" for product "Simatic Step 7" and version "16" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7" | 16 Search vendor "Siemens" for product "Simatic Step 7" and version "16" | update_1 |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simocode Es Search vendor "Siemens" for product "Simocode Es" | * | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Soft Starter Es Search vendor "Siemens" for product "Soft Starter Es" | * | - |
Affected
| ||||||