Summary
| Detail | |||
|---|---|---|---|
| Vendor | Siemens | First view | 2019-10-10 |
| Product | Simatic s7-300 Cpu 318-2 Firmware | Last view | 2020-03-10 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:siemens:simatic_s7-300_cpu_318-2_firmware:*:*:*:*:*:*:*:* | 3 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2020-03-10 | CVE-2019-18336 | A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known. |
| 5 | 2019-10-10 | CVE-2019-10936 | Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition. |
| 5 | 2019-10-10 | CVE-2019-10923 | An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
