CVE-2023-28827

Severity Score

8.2

*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices do not properly handle certain requests, causing a timeout in the watchdog, which could lead to the clean up of pointers. This could allow a remote attacker to cause a denial of service condition in the system.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

High

Attack Requirements

None

Privileges Required

None

User Interaction

None

System

Vulnerable | Subsequent

Confidentiality

None

Integrity

None

Availability

High

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-03-24 CVE Reserved
2024-09-10 CVE Published
2024-09-10 CVE Updated
2025-04-06 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (1)

URL	Tag	Source
https://cert-portal.siemens.com/productcert/html/ssa-423808.html

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"		SIMATIC HMI Comfort Panels (incl. SIPLUS Variants) Search vendor "Siemens" for product "SIMATIC HMI Comfort Panels (incl. SIPLUS Variants)"				<= Search vendor "Siemens" for product "SIMATIC HMI Comfort Panels (incl. SIPLUS Variants)" and version " <= "		en		Affected
Siemens Search vendor "Siemens"		SIMATIC IPC DiagBase Search vendor "Siemens" for product "SIMATIC IPC DiagBase"				0 Search vendor "Siemens" for product "SIMATIC IPC DiagBase" and version "0"		en		Affected
Siemens Search vendor "Siemens"		SIMATIC IPC DiagMonitor Search vendor "Siemens" for product "SIMATIC IPC DiagMonitor"				<= Search vendor "Siemens" for product "SIMATIC IPC DiagMonitor" and version " <= "		en		Affected
Siemens Search vendor "Siemens"		SIMATIC WinCC Runtime Advanced Search vendor "Siemens" for product "SIMATIC WinCC Runtime Advanced"				<= Search vendor "Siemens" for product "SIMATIC WinCC Runtime Advanced" and version " <= "		en		Affected