ID

VAR-202312-0259


CVE

CVE-2023-46156


TITLE

Use of Freed Memory Vulnerability in Multiple Siemens Products

Trust: 0.8

sources: JVNDB: JVNDB-2023-019859

DESCRIPTION

Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations. SIMATIC Drive Controller CPU 1504D TF firmware, SIMATIC Drive Controller CPU 1507D TF firmware, simatic et 200sp open control 1515sp pc2 Multiple Siemens products, including firmware, contain vulnerabilities related to the use of freed memory.Service operation interruption (DoS) It may be in a state. SINUMERIK MC is a CNC system for customized machine solutions. SINUMERIK ONE is a digitally native CNC system

Trust: 2.16

sources: NVD: CVE-2023-46156 // JVNDB: JVNDB-2023-019859 // CNVD: CNVD-2023-97274

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-97274

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500 cpu 1513r-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp f-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1514sp-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1515f-2 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic et 200sp open control 1515sp pc2scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 et 200pro\: cpu 1516pro f-2 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 et 200pro\: cpu 1513pro-2 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1515f-2 pn t2 railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1515r-2 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517tf-3 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 et 200pro\: cpu 1513pro f-2 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-plcsim advancedscope:ltversion:6.0

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1516-3 pn\/dpscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516t-3 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 et 200pro\:cpu 1516pro-2 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cpu 1512sp-1 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cpu 1510sp f-1 pn railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1516-3 pn\/dp tx railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1516f-3 pn\/dp railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinumerik onescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cpu 1510sp f-1 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515tf-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cpu 1510sp-1 pn railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu s7-1518-4 pn\/dp odkscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518t-4 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1514spt f-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cpu 1512sp-1 pn railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1518f-4 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515t-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp f-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1516f-3 pn\/dpscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1515f-2 pn railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1518-4 pn\/dp mfpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511tf-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1518hf-4 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511c-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1517h-3 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515r-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1511f-1 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518tf-4 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1514spt-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517t-3 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic drive controller cpu 1507d tfscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu s7-1518f-4 pn\/dp odkscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1511-1 pn tx railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1513-1 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1515r-2 pn tx railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1518-4 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cpu 1510sp-1 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1511-1 pn t1 railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus et 200sp 1512sp f-1 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1513f-1 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511t-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic drive controller cpu 1504d tfscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:sinumerik mcscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512c-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1511-1 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517h-3 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4 pn\/dpscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cpu 1512sp f-1 pn railscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1514sp f-2 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518hf-4 pnscope:ltversion:3.1.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 software controllerscope:eqversion: -

Trust: 1.0

vendor:シーメンスmodel:simatic s7-1500 cpu 1514sp f-2 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1514spt f-2 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1511-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic et 200sp open control 1515sp pc2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1512c-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1514sp-2 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1511c-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7 1500 cpu 1513-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1513f-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1512sp-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1511tf-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1510sp f-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1512sp f-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1511f-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1510sp-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1514spt-2 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1513r-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 cpu 1511t-1 pnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic drive controller cpu 1504d tfscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic drive controller cpu 1507d tfscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinumerik onescope: - version: -

Trust: 0.6

vendor:siemensmodel:sinumerik mcscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2023-97274 // JVNDB: JVNDB-2023-019859 // NVD: CVE-2023-46156

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2023-46156
value: HIGH

Trust: 1.0

OTHER: JVNDB-2023-019859
value: HIGH

Trust: 0.8

CNVD: CNVD-2023-97274
value: HIGH

Trust: 0.6

CNVD: CNVD-2023-97274
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2023-46156
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2023-019859
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-97274 // JVNDB: JVNDB-2023-019859 // NVD: CVE-2023-46156

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.0

problemtype:Use of freed memory (CWE-416) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-019859 // NVD: CVE-2023-46156

PATCH

title:Patch for Siemens SINUMERIK ONE and SINUMERIK-MC Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/500406

Trust: 0.6

sources: CNVD: CNVD-2023-97274

EXTERNAL IDS

db:NVDid:CVE-2023-46156

Trust: 3.2

db:SIEMENSid:SSA-280603

Trust: 2.4

db:SIEMENSid:SSA-592380

Trust: 1.8

db:ICS CERTid:ICSA-23-348-11

Trust: 0.8

db:ICS CERTid:ICSA-23-348-09

Trust: 0.8

db:JVNid:JVNVU98271228

Trust: 0.8

db:JVNDBid:JVNDB-2023-019859

Trust: 0.8

db:CNVDid:CNVD-2023-97274

Trust: 0.6

sources: CNVD: CNVD-2023-97274 // JVNDB: JVNDB-2023-019859 // NVD: CVE-2023-46156

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-280603.pdf

Trust: 1.8

url:https://cert-portal.siemens.com/productcert/pdf/ssa-592380.pdf

Trust: 1.8

url:https://cert-portal.siemens.com/productcert/html/ssa-280603.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/html/ssa-592380.html

Trust: 1.0

url:https://jvn.jp/vu/jvnvu98271228/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-46156

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-09

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-11

Trust: 0.8

sources: CNVD: CNVD-2023-97274 // JVNDB: JVNDB-2023-019859 // NVD: CVE-2023-46156

SOURCES

db:CNVDid:CNVD-2023-97274
db:JVNDBid:JVNDB-2023-019859
db:NVDid:CVE-2023-46156

LAST UPDATE DATE

2024-08-14T13:12:12.052000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-97274date:2023-12-13T00:00:00
db:JVNDBid:JVNDB-2023-019859date:2024-01-15T05:11:00
db:NVDid:CVE-2023-46156date:2024-03-12T11:15:47.740

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-97274date:2023-12-14T00:00:00
db:JVNDBid:JVNDB-2023-019859date:2024-01-15T00:00:00
db:NVDid:CVE-2023-46156date:2023-12-12T12:15:13.417