ID
VAR-201510-0732
TITLE
Siemens SIMATIC S7-300 CPU OB Module Security Vulnerability
Trust: 0.2
DESCRIPTION
Siemens SIMATIC S7-300 CPU device Is the German Siemens ( Siemens ) A modular universal controller for discrete and continuous control of industrial environments, such as manufacturing, food and beverage and chemical industries. S7-300 PLC The program uses a structured program, which is divided into multiple modules, and each module completes the corresponding function. Combined to achieve a complex control system. Just like high-level languages, subroutines are used to implement specific functions, and then each subroutine is called through the main program, so that complex programs can be realized. OB The module is equivalent to the main program and is responsible for calling other modules. Siemens SIMATIC S7-300 CPU Is present in the device OB Module security vulnerability. A remote attacker uses the vulnerability to submit a special sequence of malformed messages and send it to the Ethernet or local serial port, which can cause the application to crash and cause a denial of service attack ( PLC There will be many different reactions, such as denial of service, or inability to download programs, etc.), you need to restart PLC To resume work.
Trust: 0.2
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.2 |
AFFECTED PRODUCTS
| vendor: | siemens | model: | - | scope: | eq | version: | * | Trust: 0.2 |
| vendor: | siemens | model: | simatic s7-300 cpu; | scope: | eq | version: | * | Trust: 0.2 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
TYPE
Denial of service
Trust: 0.2
EXTERNAL IDS
| db: | IVD | id: | 5FD66F78-8898-11E7-A432-000C2975A0FC | Trust: 0.2 |
SOURCES
| db: | IVD | id: | 5fd66f78-8898-11e7-a432-000c2975a0fc |
LAST UPDATE DATE
2022-05-04T10:27:06.192000+00:00
SOURCES UPDATE DATE
SOURCES RELEASE DATE
| db: | IVD | id: | 5fd66f78-8898-11e7-a432-000c2975a0fc | date: | 2015-10-01T00:00:00 |