Details of VAR-202407-1417

ID

VAR-202407-1417

TITLE

Siemens (China) Co., Ltd. has multiple products with denial of service vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2024-25232

DESCRIPTION

Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitalization. Many products of Siemens (China) Co., Ltd. have denial of service vulnerabilities. Attackers can exploit the vulnerabilities to cause equipment shutdown and manually restart the PLC to recover.

Trust: 0.6

sources: CNVD: CNVD-2024-25232

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-25232

AFFECTED PRODUCTS

vendor:	siemens	model:	cpu pn/dp	scope:	eq	version:	319-3v3.2.14	Trust: 0.6
vendor:	siemens	model:	cp	scope:	eq	version:	343-1v2.6.0	Trust: 0.6

sources: CNVD: CNVD-2024-25232

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2024-25232
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2024-25232
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2024-25232

PATCH

title:

Patch for Siemens (China) Co., Ltd. has multiple products with denial of service vulnerabilities

url:

https://www.cnvd.org.cn/patchinfo/show/554916

Trust: 0.6

sources: CNVD: CNVD-2024-25232

EXTERNAL IDS

db:

CNVD

id:

CNVD-2024-25232

Trust: 0.6

sources: CNVD: CNVD-2024-25232

SOURCES

db:

CNVD

id:

CNVD-2024-25232

LAST UPDATE DATE

2024-07-25T04:18:21.146000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2024-25232

date:

2024-06-11T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2024-25232

date:

2024-07-06T00:00:00