CVE-2022-43768

{"id": "CVE-2022-43768", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "productcert@siemens.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-04-11T10:15:17.617", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html", "source": "productcert@siemens.com"}, {"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html", "source": "productcert@siemens.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."}], "lastModified": "2024-09-10T10:15:05.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "840C5C25-1E34-42FA-8221-7232622C204F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29D4C72C-4E84-4563-9D66-5C641AB996BA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE3D7928-8E1A-400E-B790-58D6F5938E3C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA9BB25C-D5E3-43DE-8C73-06BDC43CA960"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCF9D803-FF47-4400-B2C4-1F4EE28E5AA8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FFBFB96-1A35-4724-831B-68E3A9C32921"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE5003DA-5488-47C1-B442-9137E849FDD5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DFE96226-A2DF-4A9E-8CBB-8D7CF328E404"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93D43BC6-EDE3-4EE1-9410-4717EB641AD0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "651C66E8-B3C0-4E88-BC7C-30BF16A7F7A3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "786F3FFD-87E4-45B9-A33C-BAE58379FF39"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF9224A6-8A35-4F4F-951F-5B24B89E5FC8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2AA6B43-7FC7-465A-9CD8-E8A4D6DBCD27"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12A45F37-1E7D-4748-ADAC-EC4C454B693A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1F51B86-57EE-4DB6-B038-06726BC93D2D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0C868560-8BAE-462D-AED0-3C52EA9B6DB8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8648EF79-043D-48DE-B9F8-BF762862EE99"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E362CEA5-F47B-4294-8F2D-A0A7AC6FF390"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C8B5C37-200C-4531-8876-3E05F3DE3EC8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "843A8686-5172-4782-BB97-B5D3C6FB27A3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F58423D0-954E-426E-9F8F-3DD95FBDF50C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCDA714C-5851-4E35-806F-E0C651A1E87A", "versionEndExcluding": "3.3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_443-1_advanced:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E478FE71-32D1-4FE4-8AC9-1C898EFFD0B3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "418A9C80-BEFD-4A1F-B1BB-6C45A9267A44", "versionEndExcluding": "3.3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc_diagbase:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8784BA58-12BF-4F1C-94D6-2D15933703C8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc_diagbase_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "530FD06D-E020-4EB3-87DD-F7B2FEE58008"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc_diagmonitor:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A5E06833-4C26-40AC-B6CF-F7D1322462D6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc_diagmonitor_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91371CD0-EBDF-43C5-A262-A46E1C343716"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF3E5DDA-1BD4-4511-A2C8-4B5D40E6755E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE009635-7EC7-4A2F-B1FA-DD75213A25CA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A60FC550-A518-46BF-9124-E21DD654981C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9054A7B6-9569-4D65-9695-A0FFA4F56C74"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "25634AD2-2CC0-45AF-B5DE-39D30CBA91A4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F488C27-C8B9-4238-8409-AB7ACA3BC849"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "116E84DA-31F7-4AAC-A1AE-491C4C98BD49"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_net_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FE26E32-47C0-4976-A23A-07C1AE318C35"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_net_cp_443-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45B95689-C355-4CF1-AE7A-0860E4CEA11A", "versionEndExcluding": "3.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_net_cp_443-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "21F04D79-5815-4D36-8AA5-4866751D0DDB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_net_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94CC55CF-9BA3-4BE7-9654-F6B6C4F0DA62", "versionEndExcluding": "3.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2498071A-6540-4147-8D01-3B81A5CE9A57"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E700BF4C-64B1-455C-A6A6-3E4D71FB91B7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F9E746CF-4009-4A14-8916-A9E0276CAF8B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B3C83EF-5D93-4F0B-80F9-997261F3DBA9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4A294530-727C-4535-8B02-668DF74587D4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_tim_1531_irc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C616E50-1F96-4A87-8470-1BA8732FCB77", "versionEndExcluding": "2.3.6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "074FDC9C-CB36-4C67-82C8-1B930FF1269F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4646AF8C-B871-4F9E-85A4-ECE8F13AFB21", "versionEndExcluding": "2.3.6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "productcert@siemens.com"}