ID

VAR-202407-1417


TITLE

Siemens (China) Co., Ltd. has multiple products with denial of service vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2024-25232

DESCRIPTION

Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitalization. Many products of Siemens (China) Co., Ltd. have denial of service vulnerabilities. Attackers can exploit the vulnerabilities to cause equipment shutdown and manually restart the PLC to recover.

Trust: 0.6

sources: CNVD: CNVD-2024-25232

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-25232

AFFECTED PRODUCTS

vendor:siemensmodel:cpu pn/dpscope:eqversion:319-3v3.2.14

Trust: 0.6

vendor:siemensmodel:cpscope:eqversion:343-1v2.6.0

Trust: 0.6

sources: CNVD: CNVD-2024-25232

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2024-25232
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2024-25232
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2024-25232

PATCH

title:Patch for Siemens (China) Co., Ltd. has multiple products with denial of service vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/554916

Trust: 0.6

sources: CNVD: CNVD-2024-25232

EXTERNAL IDS

db:CNVDid:CNVD-2024-25232

Trust: 0.6

sources: CNVD: CNVD-2024-25232

SOURCES

db:CNVDid:CNVD-2024-25232

LAST UPDATE DATE

2024-07-25T04:18:21.146000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2024-25232date:2024-06-11T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2024-25232date:2024-07-06T00:00:00