// For flags

CVE-2022-47374

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly.

This could allow an attacker to exhaust system resources and create a denial of service condition for the device.

Se ha identificado una vulnerabilidad en:
SIMATIC PC-Station Plus (todas las versiones),
SIMATIC S7-400 CPU 412-2 PN V7 (todas las versiones),
SIMATIC S7-400 CPU 414-3 PN/DP V7 (todas las versiones),
SIMATIC S7 -400 CPU 414F-3 PN/DP V7 (todas las versiones),
SIMATIC S7-400 CPU 416-3 PN/DP V7 (todas las versiones),
SIMATIC S7-400 CPU 416F-3 PN/DP V7 (todas las versiones),
SINAMICS S120 (incl. variantes SIPLUS) (todas las versiones &lt; V5.2 SP3 HF15),
SIPLUS S7-400 CPU 414-3 PN/DP V7 (todas las versiones),
SIPLUS S7-400 CPU 416-3 PN/DP V7 (todas las versiones) ).
Los productos afectados no manejan correctamente las solicitudes HTTP(S) al servidor web. Esto podría permitir que un atacante agote los recursos del sistema y cree una condición de denegación de servicio para el dispositivo.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-12-13 CVE Reserved
  • 2023-12-12 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-11-11 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-674: Uncontrolled Recursion
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
6es7412-2ek07-0ab0 Firmware
Search vendor "Siemens" for product "6es7412-2ek07-0ab0 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
6es7412-2ek07-0ab0
Search vendor "Siemens" for product "6es7412-2ek07-0ab0"
--
Safe
Siemens
Search vendor "Siemens"
6es7414-3em07-0ab0 Firmware
Search vendor "Siemens" for product "6es7414-3em07-0ab0 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
6es7414-3em07-0ab0
Search vendor "Siemens" for product "6es7414-3em07-0ab0"
--
Safe
Siemens
Search vendor "Siemens"
6es7414-3fm07-0ab0 Firmware
Search vendor "Siemens" for product "6es7414-3fm07-0ab0 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
6es7414-3fm07-0ab0
Search vendor "Siemens" for product "6es7414-3fm07-0ab0"
--
Safe
Siemens
Search vendor "Siemens"
6es7416-3es07-0ab0 Firmware
Search vendor "Siemens" for product "6es7416-3es07-0ab0 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
6es7416-3es07-0ab0
Search vendor "Siemens" for product "6es7416-3es07-0ab0"
--
Safe
Siemens
Search vendor "Siemens"
6es7416-3fs07-0ab0 Firmware
Search vendor "Siemens" for product "6es7416-3fs07-0ab0 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
6es7416-3fs07-0ab0
Search vendor "Siemens" for product "6es7416-3fs07-0ab0"
--
Safe
Siemens
Search vendor "Siemens"
6ag1414-3em07-7ab0 Firmware
Search vendor "Siemens" for product "6ag1414-3em07-7ab0 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
6ag1414-3em07-7ab0
Search vendor "Siemens" for product "6ag1414-3em07-7ab0"
--
Safe
Siemens
Search vendor "Siemens"
6ag1416-3es07-7ab0 Firmware
Search vendor "Siemens" for product "6ag1416-3es07-7ab0 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
6ag1416-3es07-7ab0
Search vendor "Siemens" for product "6ag1416-3es07-7ab0"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
4.7
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "4.7"
-
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
4.8
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "4.8"
-
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
4.9
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "4.9"
-
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.0
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.0"
-
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.1
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.1"
sp1
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.1
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.1"
sp1_hotfix1
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.1
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.1"
sp1_hotfix13
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
-
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
hotfix1
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
hotfix11
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
hotfix7
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
sp3
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
sp3_hotfix1
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
sp3_hotfix13
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
sp3_hotfix6
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics S120 Firmware
Search vendor "Siemens" for product "Sinamics S120 Firmware"
5.2
Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2"
sp3_hotfix9
Affected
in Siemens
Search vendor "Siemens"
Sinamics S120
Search vendor "Siemens" for product "Sinamics S120"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Pc-station Plus Firmware
Search vendor "Siemens" for product "Simatic Pc-station Plus Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Pc-station Plus
Search vendor "Siemens" for product "Simatic Pc-station Plus"
--
Safe