CVE-2023-38380

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-38380
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://cert-portal.siemens.com/productcert/html/ssa-139628.html
https://cert-portal.siemens.com/productcert/html/ssa-625862.html
https://cert-portal.siemens.com/productcert/html/ssa-693975.html
https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:6gk7243-8rx30-0xe0_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:6gk7243-8rx30-0xe0:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:6gk7543-1ax00-0xe0_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:6gk7543-1ax00-0xe0:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:6ag1543-1ax00-2xe0_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:6ag1543-1ax00-2xe0:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1243-7_lte_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1243-7_lte:*:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
OR cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1_hotfix8:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:-:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix2:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix5:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix6:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix7:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix3:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix5:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix6:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix9:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:6.1:-:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:6.1:hotfix1:*:*:*:*:*:*
cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*
History

11 Jun 2024, 12:15

Type Values Removed Values Added
References
  • () https://cert-portal.siemens.com/productcert/html/ssa-139628.html -
  • () https://cert-portal.siemens.com/productcert/html/ssa-625862.html -
Summary (en) A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product. (en) A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.

12 Mar 2024, 11:15

Type Values Removed Values Added
References
  • () https://cert-portal.siemens.com/productcert/html/ssa-693975.html -
Summary (en) A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1543-1 (All versions), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS NET CP 1543-1 (All versions). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product. (en) A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.

18 Dec 2023, 15:08

Type Values Removed Values Added
References () https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf - () https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf - Vendor Advisory
CPE cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix2:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:6ag1543-1ax00-2xe0_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix5:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:6.1:-:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix9:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix6:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix7:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:6.1:hotfix1:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:6ag1543-1ax00-2xe0:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:6gk7243-8rx30-0xe0_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3_hotfix3:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1243-7_lte_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:6gk7543-1ax00-0xe0_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1243-7_lte:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:6gk7543-1ax00-0xe0:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:6gk7243-8rx30-0xe0:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:sp3:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix6:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1_hotfix8:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:hotfix5:*:*:*:*:*:*
cpe:2.3:o:siemens:sinamics_s210_firmware:5.2:-:*:*:*:*:*:*

12 Dec 2023, 12:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-12 12:15

Updated : 2024-06-11 12:15

NVD link : CVE-2023-38380

Mitre link : CVE-2023-38380

CVE.ORG link : CVE-2023-38380

JSON object : View

Products Affected

siemens

  • 6ag1543-1ax00-2xe0
  • 6gk7243-8rx30-0xe0_firmware
  • simatic_cp_1242-7_v2
  • simatic_cp_1243-1_firmware
  • simatic_cp_1243-1_iec_firmware
  • 6gk7543-1ax00-0xe0
  • simatic_cp_1243-1_iec
  • simatic_cp_1243-7_lte
  • sinamics_s210_firmware
  • 6gk7243-8rx30-0xe0
  • simatic_cp_1243-1_dnp3
  • simatic_cp_1243-7_lte_firmware
  • sinamics_s210
  • simatic_cp_1243-1
  • simatic_cp_1242-7_v2_firmware
  • 6gk7543-1ax00-0xe0_firmware
  • 6ag1543-1ax00-2xe0_firmware
  • simatic_cp_1243-1_dnp3_firmware
CWE
CWE-401

Missing Release of Memory after Effective Lifetime