Sign-up

ID

VAR-202312-0253


CVE

CVE-2023-38380


TITLE

Lack of Freeing Memory After Expiration Vulnerability in Multiple Siemens Products

Trust: 0.8

sources: JVNDB: JVNDB-2023-019860

DESCRIPTION

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product. 6gk7243-8rx30-0xe0 firmware, 6gk7543-1ax00-0xe0 firmware, 6ag1543-1ax00-2xe0 Multiple Siemens products, including firmware, are vulnerable to a lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state. The SIMATIC CP 1242 and CP 1243 associated processors connect the SIMATIC S7-1200 controller to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. A denial of service vulnerability exists in the Siemens Industrial Products Web Server

Trust: 2.16

sources: NVD: CVE-2023-38380 // JVNDB: JVNDB-2023-019860 // CNVD: CNVD-2023-97273

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-97273

AFFECTED PRODUCTS

vendor:siemensmodel:6gk7243-8rx30-0xe0scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:sinamics s210scope:eqversion:5.2

Trust: 1.0

vendor:siemensmodel:simatic cp 1243-1 iecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic cp 1243-1 dnp3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:sinamics s210scope:eqversion:5.1

Trust: 1.0

vendor:siemensmodel:simatic cp 1242-7 v2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic cp 1243-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic cp 1243-7 ltescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:sinamics s210scope:eqversion:6.1

Trust: 1.0

vendor:siemensmodel:6ag1543-1ax00-2xe0scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6gk7543-1ax00-0xe0scope:eqversion: -

Trust: 1.0

vendor:シーメンスmodel:simatic cp 1243-7 ltescope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6ag1543-1ax00-2xe0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:sinamics s210scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk7243-8rx30-0xe0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic cp 1243-1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic cp 1243-1 iecscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic cp 1243-1 dnp3scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk7543-1ax00-0xe0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic cp 1242-7 v2scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp ircscope:eqversion:1243-8

Trust: 0.6

vendor:siemensmodel:simatic cp dnp3scope:eqversion:1243-1

Trust: 0.6

vendor:siemensmodel:simatic cp iecscope:eqversion:1243-1

Trust: 0.6

vendor:siemensmodel:simatic cpscope:eqversion:1242-7v2

Trust: 0.6

vendor:siemensmodel:simatic cpscope:eqversion:1243-1

Trust: 0.6

vendor:siemensmodel:simatic cp ltescope:eqversion:1243-7

Trust: 0.6

vendor:siemensmodel:simatic cpscope:eqversion:1543-1

Trust: 0.6

vendor:siemensmodel:sinamics s210 hf2scope:gteversion:v6.1,<v6.1

Trust: 0.6

vendor:siemensmodel:siplus net cpscope:eqversion:1543-1

Trust: 0.6

sources: CNVD: CNVD-2023-97273 // JVNDB: JVNDB-2023-019860 // NVD: CVE-2023-38380

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2023-38380
value: HIGH

Trust: 1.0

OTHER: JVNDB-2023-019860
value: HIGH

Trust: 0.8

CNVD: CNVD-2023-97273
value: HIGH

Trust: 0.6

CNVD: CNVD-2023-97273
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2023-38380
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2023-019860
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-97273 // JVNDB: JVNDB-2023-019860 // NVD: CVE-2023-38380

PROBLEMTYPE DATA

problemtype:CWE-401

Trust: 1.0

problemtype:Lack of memory release after expiration (CWE-401) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-019860 // NVD: CVE-2023-38380

PATCH

title:Patch for Siemens Industrial Products Web Server Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/500376

Trust: 0.6

sources: CNVD: CNVD-2023-97273

EXTERNAL IDS

db:NVDid:CVE-2023-38380

Trust: 3.2

db:SIEMENSid:SSA-693975

Trust: 2.4

db:SIEMENSid:SSA-139628

Trust: 1.0

db:SIEMENSid:SSA-625862

Trust: 1.0

db:JVNid:JVNVU93250330

Trust: 0.8

db:JVNid:JVNVU98271228

Trust: 0.8

db:ICS CERTid:ICSA-24-165-10

Trust: 0.8

db:ICS CERTid:ICSA-23-348-08

Trust: 0.8

db:JVNDBid:JVNDB-2023-019860

Trust: 0.8

db:CNVDid:CNVD-2023-97273

Trust: 0.6

sources: CNVD: CNVD-2023-97273 // JVNDB: JVNDB-2023-019860 // NVD: CVE-2023-38380

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf

Trust: 1.8

url:https://cert-portal.siemens.com/productcert/html/ssa-693975.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/html/ssa-139628.html

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-625862.html

Trust: 1.0

url:https://jvn.jp/vu/jvnvu98271228/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu93250330/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-38380

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-08

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-10

Trust: 0.8

sources: CNVD: CNVD-2023-97273 // JVNDB: JVNDB-2023-019860 // NVD: CVE-2023-38380

SOURCES

db:CNVDid:CNVD-2023-97273
db:JVNDBid:JVNDB-2023-019860
db:NVDid:CVE-2023-38380

LAST UPDATE DATE

2024-08-14T12:47:17.949000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-97273date:2023-12-13T00:00:00
db:JVNDBid:JVNDB-2023-019860date:2024-06-17T06:15:00
db:NVDid:CVE-2023-38380date:2024-06-11T12:15:10.630

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-97273date:2023-12-14T00:00:00
db:JVNDBid:JVNDB-2023-019860date:2024-01-15T00:00:00
db:NVDid:CVE-2023-38380date:2023-12-12T12:15:11.477