Details of VAR-202011-1492

ID

VAR-202011-1492

CVE

CVE-2020-15783

TITLE

Resource exhaustion vulnerabilities in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2020-013577

DESCRIPTION

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service. Several Siemens products contain resource exhaustion vulnerabilities.Denial of service (DoS) It may be put into a state. Siemens SIMATIC S7-300 CPUs are a CPU (Central Processing Unit) module of Siemens (Siemens), Germany. Siemens SINUMERIK 840D sl is a set of advanced machine tool CNC system from Siemens (Siemens) in Germany. Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller have a denial of service vulnerability

Trust: 2.16

sources: NVD: CVE-2020-15783 // JVNDB: JVNDB-2020-013577 // CNVD: CNVD-2020-61956

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-61956

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic s7-300 cpu 314	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 317-2 pn	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 315f-2 pn	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 317-2 dp	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 315-2 dp	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic tdc cpu555	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 315-2 pn	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 315f-2 dp	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 312	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	sinumerik 840d sl	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 317f-2 pn	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-300 cpu 317f-2 dp	scope:	eq	version:	*	Trust: 1.0
vendor:	シーメンス	model:	s7-300 cpu 315f-2 pn	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	s7-300 cpu 315-2 pn	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	sinumerik 840d sl	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	s7-300 cpu 315f-2 dp	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	simatic s7-300 cpu 314	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	s7-300 cpu 317f-2 pn	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	simatic s7-300 cpu 315-2 dp	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	s7-300 cpu 312	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	s7-300 cpu 317-2 dp	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	s7-300 cpu 317-2 pn	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinumerik 840d sl	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic s7-300 cpu family	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2020-61956 // JVNDB: JVNDB-2020-013577 // NVD: CVE-2020-15783

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-15783
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-15783
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-61956
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202011-741
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2020-15783
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2020-61956
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-15783
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2020-15783
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-61956 // JVNDB: JVNDB-2020-013577 // CNNVD: CNNVD-202011-741 // NVD: CVE-2020-15783

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.0
problemtype:	Resource exhaustion (CWE-400) [ Other ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-013577 // NVD: CVE-2020-15783

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202011-741

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202011-741

PATCH

title:	SSA-492828	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf	Trust: 0.8
title:	Patch for Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller denial of service vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/239452	Trust: 0.6
title:	Siemens SIMATIC S7-300 Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=135429	Trust: 0.6

sources: CNVD: CNVD-2020-61956 // JVNDB: JVNDB-2020-013577 // CNNVD: CNNVD-202011-741

EXTERNAL IDS

db:	NVD	id:	CVE-2020-15783	Trust: 3.0
db:	SIEMENS	id:	SSA-492828	Trust: 2.2
db:	JVN	id:	JVNVU98046719	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-013577	Trust: 0.8
db:	CNVD	id:	CNVD-2020-61956	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4045	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-315-04	Trust: 0.6
db:	CNNVD	id:	CNNVD-202011-741	Trust: 0.6

sources: CNVD: CNVD-2020-61956 // JVNDB: JVNDB-2020-013577 // CNNVD: CNNVD-202011-741 // NVD: CVE-2020-15783

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf	Trust: 2.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-15783	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu98046719/	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2020.4045/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/simatic-s7-300-denial-of-service-via-port-102-packets-33869	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-315-04	Trust: 0.6

sources: CNVD: CNVD-2020-61956 // JVNDB: JVNDB-2020-013577 // CNNVD: CNNVD-202011-741 // NVD: CVE-2020-15783

CREDITS

WangFangLi from Beijing Winicssec Technology CO reported this vulnerability to Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202011-741

SOURCES

db:	CNVD	id:	CNVD-2020-61956
db:	JVNDB	id:	JVNDB-2020-013577
db:	CNNVD	id:	CNNVD-202011-741
db:	NVD	id:	CVE-2020-15783

LAST UPDATE DATE

2024-08-14T14:31:58.962000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-61956	date:	2020-11-11T00:00:00
db:	JVNDB	id:	JVNDB-2020-013577	date:	2021-07-08T07:56:00
db:	CNNVD	id:	CNNVD-202011-741	date:	2021-08-11T00:00:00
db:	NVD	id:	CVE-2020-15783	date:	2022-12-06T21:18:30.510

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-61956	date:	2020-11-12T00:00:00
db:	JVNDB	id:	JVNDB-2020-013577	date:	2021-07-08T00:00:00
db:	CNNVD	id:	CNNVD-202011-741	date:	2020-11-10T00:00:00
db:	NVD	id:	CVE-2020-15783	date:	2020-11-12T20:15:16.343