Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 12/12/2023 Updated: 13/02/2024

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

Subscribe to Totally Integrated Automation Portal

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an malicious user to crash the application. The corresponding service is auto-restarted after the crash.

Vulnerable Product	Search on Vulmon	Subscribe to Product
siemens totally integrated automation portal 18
siemens simatic pcs neo
siemens totally integrated automation portal
siemens totally integrated automation portal -
siemens opcenter quality -
siemens sinumerik integrate runmyhmi \\/automotive -

CWE-120 https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf https://cert-portal.siemens.com/productcert/html/ssa-999588.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-46283

Vulnerability Summary

References

Vulmon Search

About

Products

Connect