Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global).

1. EXECUTIVE SUMMARY

  • CVSS v3 9.8
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Siemens
  • Equipment: SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
  • Vulnerabilities: Improper Restriction of XML External Entity Reference, Time-of-check Time-of-use (TOCTOU) Race Condition, Command Injection, Missing Encryption of Sensitive Data, Cross-site Scripting, Improper Restriction of Operations within the Bounds of a Memory Buffer, Use After Free, Improper Input Validation, Out-of-bounds Write, Out-of-bounds Read, Infinite Loop, Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’), Allocation of Resources Without Limits or Throttling, Observable Discrepancy, Generation of Error Message Containing Sensitive Information, NULL Pointer Dereference, Integer Overflow or Wraparound, Uncontrolled Search Path Element, Double Free, Improper Encoding or Escaping of Output, Inappropriate Encoding for Output Context, Path Traversal, Improper Resource Shutdown or Release, Uncontrolled Resource Consumption, CRLF Injection, Encoding Error, Exposure of Resource to Wrong Sphere, Insufficient Entropy, Divide By Zero, Improper Check for Dropped Privileges, Improper Initialization, Incorrect Conversion between Numeric Types, Uncontrolled Recursion, Improper Check for Unusual or Exceptional Conditions, Improper Handling of Exceptional Conditions, Unrestricted Upload of File with Dangerous Type, Missing Release of Resource after Effective Lifetime, Missing Release of Memory after Effective Lifetime, Exposure of Sensitive Information to an Unauthorized Actor, Use of Insufficiently Random Values, Signed to Unsigned Conversion Error, Improper Certificate Validation, Incorrect Type Conversion or Cast, Classic Buffer Overflow, Authentication Bypass by Spoofing, Improper Pr

    […]

    This article has been indexed from All CISA Advisories