Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2020-28397

Published: 10/08/2021 Updated: 10/12/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Cpu 1504d Tf Firmware

Vulnerability Summary

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens cpu_1504d_tf_firmware

siemens cpu_1507d_tf_firmware

siemens cpu_1515sp_pc2_tf_firmware

siemens simatic_s7_plcsim_advanced_firmware

siemens simatic s7-1500 software controller

siemens tim_1531_irc_firmware 2.1

siemens cpu_1211c_firmware 4.4

siemens cpu_1212c_firmware 4.4

siemens cpu_1212fc_firmware 4.4

siemens cpu_1214fc_firmware 4.4

siemens cpu_1214c_firmware 4.4

siemens cpu_1215fc_firmware 4.4

siemens cpu_1215c_firmware 4.4

siemens cpu_1217c_firmware 4.4

siemens siplus_cpu_1510sp_f-1pn_firmware

siemens siplus_cpu_1511-1_pn_firmware

siemens siplus_cpu_1511f-1_pn_firmware

siemens siplus_cpu_1512sp-1_pn_firmware

siemens siplus_cpu_1512sp_f-1pn_firmware

siemens siplus_cpu_1513-1_pn_firmware

siemens siplus_cpu_1513f-1_pn_firmware

siemens siplus_cpu_1516-3_pn\\/dp_firmware

siemens siplus_cpu-1516f-3_pn\\/dp_firmware

siemens siplus_cpu_1518-4_pn\\/dp_firmware

siemens siplus_cpu_1518f-4_pn\\/dp_firmware

siemens cpu_1510sp-1pn_firmware

siemens cpu1510sp_f-1_firmware

siemens cpu_1511-1pn_firmware

siemens cpu_1511c-1_pn_firmware

siemens cpu_1511f-1pn_firmware

siemens cpu_1511t-1pn_firmware

siemens cpu_1511tf-1pn_firmware

siemens cpu_1512c-1_pn_firmware

siemens cpu_1512sp-1_pn_firmware

siemens cpu_1512sp_f-1_pn_firmware

siemens cpu_1513-1_pn_firmware

siemens cpu_1513f-1_pn_firmware

siemens cpu_1513r-1_pn_firmware

siemens cpu_1513pro_f-2_pn_firmware

siemens cpu_1515-2_firmware

siemens cpu_1515f-2_firmware

siemens cpu_1515r-2_pn_firmware

siemens cpu_1515t-2_pn_firmware

siemens cpu_1515tf-2_pn_firmware

siemens cpu_1516pro_f-2_pn_firmware

siemens cpu_1516pro-2_pn_firmware

siemens cpu_1516-3_firmware

siemens cpu_1516f-3_firmware

siemens cpu_1516t-3_pn\\/dp_firmware

siemens cpu_1516tf-3_pn\\/dp_firmware

siemens cpu_1517-3_pn\\/dp_firmware

siemens cpu_1517f-3_pn\\/dp_firmware

siemens cpu_1517t-3_pn\\/dp_firmware

siemens cpu_1517tf-3_pn\\/dp_firmware

siemens cpu_1518-4_pn\\/dp_firmware

siemens cpu_1518f-4_pn\\/dp_firmware

References

CWE-863https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdfhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook