CVE-2022-47374
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly.
This could allow an attacker to exhaust system resources and create a denial of service condition for the device.
Se ha identificado una vulnerabilidad en:
SIMATIC PC-Station Plus (todas las versiones),
SIMATIC S7-400 CPU 412-2 PN V7 (todas las versiones),
SIMATIC S7-400 CPU 414-3 PN/DP V7 (todas las versiones),
SIMATIC S7 -400 CPU 414F-3 PN/DP V7 (todas las versiones),
SIMATIC S7-400 CPU 416-3 PN/DP V7 (todas las versiones),
SIMATIC S7-400 CPU 416F-3 PN/DP V7 (todas las versiones),
SINAMICS S120 (incl. variantes SIPLUS) (todas las versiones < V5.2 SP3 HF15),
SIPLUS S7-400 CPU 414-3 PN/DP V7 (todas las versiones),
SIPLUS S7-400 CPU 416-3 PN/DP V7 (todas las versiones) ).
Los productos afectados no manejan correctamente las solicitudes HTTP(S) al servidor web. Esto podría permitir que un atacante agote los recursos del sistema y cree una condición de denegación de servicio para el dispositivo.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-12-13 CVE Reserved
- 2023-12-12 CVE Published
- 2023-12-13 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-674: Uncontrolled Recursion
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf | 2023-12-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Siemens Search vendor "Siemens" | 6es7412-2ek07-0ab0 Firmware Search vendor "Siemens" for product "6es7412-2ek07-0ab0 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | 6es7412-2ek07-0ab0 Search vendor "Siemens" for product "6es7412-2ek07-0ab0" | - | - |
Safe
|
Siemens Search vendor "Siemens" | 6es7414-3em07-0ab0 Firmware Search vendor "Siemens" for product "6es7414-3em07-0ab0 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | 6es7414-3em07-0ab0 Search vendor "Siemens" for product "6es7414-3em07-0ab0" | - | - |
Safe
|
Siemens Search vendor "Siemens" | 6es7414-3fm07-0ab0 Firmware Search vendor "Siemens" for product "6es7414-3fm07-0ab0 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | 6es7414-3fm07-0ab0 Search vendor "Siemens" for product "6es7414-3fm07-0ab0" | - | - |
Safe
|
Siemens Search vendor "Siemens" | 6es7416-3es07-0ab0 Firmware Search vendor "Siemens" for product "6es7416-3es07-0ab0 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | 6es7416-3es07-0ab0 Search vendor "Siemens" for product "6es7416-3es07-0ab0" | - | - |
Safe
|
Siemens Search vendor "Siemens" | 6es7416-3fs07-0ab0 Firmware Search vendor "Siemens" for product "6es7416-3fs07-0ab0 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | 6es7416-3fs07-0ab0 Search vendor "Siemens" for product "6es7416-3fs07-0ab0" | - | - |
Safe
|
Siemens Search vendor "Siemens" | 6ag1414-3em07-7ab0 Firmware Search vendor "Siemens" for product "6ag1414-3em07-7ab0 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | 6ag1414-3em07-7ab0 Search vendor "Siemens" for product "6ag1414-3em07-7ab0" | - | - |
Safe
|
Siemens Search vendor "Siemens" | 6ag1416-3es07-7ab0 Firmware Search vendor "Siemens" for product "6ag1416-3es07-7ab0 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | 6ag1416-3es07-7ab0 Search vendor "Siemens" for product "6ag1416-3es07-7ab0" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 4.7 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "4.7" | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 4.8 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "4.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 4.9 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "4.9" | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.0 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.1 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.1" | sp1 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.1 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.1" | sp1_hotfix1 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.1 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.1" | sp1_hotfix13 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | hotfix1 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | hotfix11 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | hotfix7 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | sp3 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | sp3_hotfix1 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | sp3_hotfix13 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | sp3_hotfix6 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware" | 5.2 Search vendor "Siemens" for product "Sinamics S120 Firmware" and version "5.2" | sp3_hotfix9 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics S120 Search vendor "Siemens" for product "Sinamics S120" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Pc-station Plus Firmware Search vendor "Siemens" for product "Simatic Pc-station Plus Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Pc-station Plus Search vendor "Siemens" for product "Simatic Pc-station Plus" | - | - |
Safe
|